Go Up
You are here: DeploymentConfigure IT InfrastructureWindows File ServersConfigure Object-Level Access Auditing

Configure Object-Level Access Auditing

Netwrix Auditor can be configured to audit all access types, review the table below and select options that you want to track:

  Option Description

Changes

Successful

Use this option to track changes to your data. Helps find out who made changes to your files, including their creation and deletion.

Failed

Use this option to detect suspicious activity on your file server. Helps identify potential intruders who tried to modify or delete files, etc., but failed to do it.

Read access

Successful

Use this option to supervise access to files containing confidential data intended for privileged users. Helps identify who accessed important files besides your trusted users.

NOTE: Enabling this option on public shares will result in high number of events generated on your file server and the amount of data written to the AuditArchive.

Failed

Use this option to track suspicious activity. Helps find out who was trying to access your private data without proper justification.

NOTE: Enabling this option on public shares will result in high number of events generated on your file server and the amount of data written to the AuditArchive.

NOTE: Actions reported by Netwrix Auditor vary depending on the file server type and the audited object (file, folder, or share). The changes include creation, modification, deletion, moving, renaming, and copying. To track the copy action, enable successful read access and change auditing. See Monitored Object Types, Actions, and Attributes for more information.

Perform one of the following procedures depending on the OS:

Go Up