File Audit - Find out Who touched What
To manage and correlate Security Event logs, click
To enforce concurrent Logon and
Generate Logon Reporting, click
To monitor access to your
organization’s data, standard Microsoft utilities only propose manual event
log analysis. This very limited functionality leaves administrators having
to decrypt hundreds or even thousands of events, attempting to retrieve
those of interest to answer the question who touched what file.
doesn't need to be complicated. File Audit can be installed and configured
in literally a minute or two. Specify a local path and some file types to
watch and it will get to work immediately.
Consider these advanced features:
1. File Audit runs as a service, so it is monitoring
your system as soon as the computer is started--there is no need to login or
start a program manually.
2. It has advanced resource usage throttling to make
sure it doesn't affect the server it is running on or the network.
3. (Pro Only) HTTP based reports for viewing within the
File Audit Console, or from a web browser.
4. Schedule reports to be automatically generated, and
optionally have the URL emailed to you.
5. Ad hoc reports to quickly get answers based on data
6. Powerful and flexible actions that run in response
to your alert criteria.
7. File Audit will tell you more about server file
access than you've ever been able to find out before.
instantly gives a comprehensive list of File Access Queries, reports and
attempts (accepted or denied)
modification attempts (accepted or denied)
detailing: the user, the domain, the date and time of the connection and
a selection of files
a folder and
a selection of
folders and subfolders
and gives you a very
simple and efficient way of controlling the use made of your organization’s
sensitive and confidential data.
How does File Audit® work?
Engagent File Audit's active file and folder auditing can be an
important part of your Sarbanes-Oxley compliance, Payment Card
Industry (PCI) compliance, and more. Plus, with the built in
security settings, you'll know nobody is tampering with your File
Some of the easy to use features include:
- Monitor all files or a subset of files on a local disk for
changes, access (reads), deletes, etc.
- Receive notifications via email, SMS, SNPP pager, etc
- Record file access, user and program to log files
- Monitor log file integrity -- alert on changes, but keep
quiet on normal log appends
- (Pro only) Receive advanced file auditing alerts based on
user behavior, such as reading all files in a folder (which
might be a copy operation)
- (Pro only) Record file and folder access to a database, and
generate reports on specified files, users, access type or time
Why File Audit® ?
Experience these benefits:
efficiency: instant display, multiple
security for your confidential and sensitive data
- eradication of the workload related to data surveillance
- help toward your information systems compliance as to multiple international
regulations and standards (HIPAA, Sarbane-Oxley, GLBA, NIST/FIPS, ITIL,
COBIT, CISP, ISO 17799…)
- simplicity of use: context menu, agent-less solution
File Integrity Monitoring
Many compliance mandates require auditing file access and
ensuring file integrity. Among those are: PCI DSS 10.5.5, 11.5, 12.9.5, SOX
DS5.5, GLBA 16 CFR Part 314.4(b) and (3), HIPAA 164.312(e)(1), FISMA AC-19,
CP-9, SI-1, SI-7, ISO 27001/27002 12.3, 12.5.1, 12.5.3, 15.3
File Audit can monitor log files, even files that were opened before File
Audit started. In addition, it can alert on writes (changes) to files, but
ignore the expected appends to log files.
Access event archiving
Schedule File Audit to automatically archive into a database, at regular
intervals, storing the file access events that occur on one or more systems.
Audit and reporting
File Audit displays file/folder access history in a printable report that can
be scheduled to run automatically and exported in PDF format.
Ease of Use
- Elimination of all duplicated, irrelevant and pseudo events, rendering
analysis a lot easier and sparing backup disk space
- Ability to add display filters: accepted or denied access, type of
access (read, write, delete, ...), user account, time frame, etc...
- Quick access to the latest files/folders audited
- Automatic configuration of the Windows audit on files/folders with
default audit values
File Audit Setup