Historique FileAudit^®

• Added: Support of Windows Vista and Windows server 2008 object access events
• Added: Support of the Windows Vista and Windows server 2008 User Account Control
• Fixed: You could not invoke FileAudit from the explorer context menu in Windows Vista and Windows server 2008
• Added: Ability to manage the NTFS audit configuration on file and folders directly from FileAudit (Tools menu)
• Improved: FileAudit configure now the NTFS audit in order to minimize the number of events generated in the security log.
• Fixed: A problem while exporting a report with wide characters in PDF
• Fixed: Exported xls files were unreadable by MS Excel
• Added: Ability to filter out file accesses done by specific executables. You can exclude for example you backup program, or your anti-virus. Go in the Options to configure this.
• Added: Ability to filter out accesses to specific kind of files (e.g. temporary files with a TMP extension). Go in the Options to configure this.

• Fixed: The revoke license button was not working when the license dialog box was displayed during the startup of FileAudit (evaluation period expired).
• Improved: The administrator is notified (warning event or messagebox) if events have been lost since the last security log scan.
• Improved: The check of the object access audit
• Fixed: FileAudit was sometimes unable to check the NTFS audit configuration on files/folders
• Improved: Clusters are now managed with their virtual name and not with the name of their active node
• Fixed: The path filter was not working for shares at the root of a disk
• Added: Ability to change the logo in the report (tools menu-->Logo configuration).
• Improved: FileAudit only loads needed events from archives in order to display events faster and use less memory (a From time limit need to be set)

• Fixed: FileAudit was not displaying denied accesses to folders.
• Fixed: The title of the option sheet or the file access property sheet was indecipherable in some cases.
• Fixed: FileAudit was not able to check the NTFS audit configuration on mapped network drives.
• Improved: Error events are inserted in the event log if the scheduled scan fails for some computers.
• Added: The database cleaner allows to regularly remove old access events from the database.
• Fixed: The required ActiveX component comdlg32.ocx was not installed with the product.

• Removed: The ability to detect the difference between the file deletion and a file move or rename operation. The result was too random.
• Fixed: Line feeds were invalid in the CSV export
• Fixed: FileAudit didn't propose to configure the audit for local files and folders
• Fixed: A bug while configuring the NTFS audit on files or folders
• Fixed: During scheduled scans the NetBIOS name of the computer was not inserted in the database
• Added: The shell extension (FileAudit in the Windows explorer context menu) is now also available on x64 computers

• Added: the help file was updated. The online version is available here
• Added: The license system was added. Existing customers covered by the maintenance can now ask for their new FileAudit 3 license key. The evaluation version will allow you to audit files on two computers during 30 days.
• Improved: FileAudit can now detect the difference between a file deletion and a file move/rename operation.

• Added: Accesses can be displayed in a printable report
• Added: FileAudit can be used without the explorer but the explorer context menu still works.
• Added: All access events are kept in a database
• Added: The scan of security logs in order to automatically retrieve access events in the FileAudit database can be scheduled using the FileAudit options
• Added: Ability to apply an additional filter according to access type (read, write, delete...), the name of the user and a time range.
• Added: Reports can be generated automatically by saving a filter and by scheduling a batch using this filter.
• Added: If the NTFS audit is not configured on a file/folder to audit, FileAudit will propose to configure it automatically.
• Improved: Filter of useless access events (e.g for folders, only delete, permisions change and take ownership events are audited)
• Improved: If the same access event occurs several times in the same second FileAudit keeps only one event
• Improved: Better analysis of access events.


Important! With this new version FileAudit will be licensed according to the number of servers on which you want to audit file accesses.

• Fixed: FileAudit should now work for all kind of clusters or SAN disks
• Fixed: The event description was not correctly displayed on Windows 2003 servers
• Removed: The "From/Where" button because this feature doesn't work anymore on Windows 2000/2003 servers.
• Fixed: The FileAudit window was displayed in other cases that clicking FileAudit on the context menu. For example while opening a start menu folder.


In order to upgrade FileAudit you need to:

• Uninstall the previous version
• Logoff and logon again
• Install the new version

• Added: Support of Windows 2003 servers
• Fixed: a bug when invoking FileAudit on the root of a disk or a share
• Fixed: a bug disallowing to display deleted files in some cases
• Improved: a warning message if the audit is not enabled on the server
• Improved: a warning message if the audit is not configured for the file or the folder
• Improved: a warning message if the security log is full
• Improved: a warning message if the user doesn't have administrative rights on the server
• Improved: In the status bar FileAudit displays the number of audit accesses for the current file or directory/the total number of audited accesses on the server
• Improved: If no object access audit events are found FileAudit displays a warning message in the status bar.

• Improved: Support of dynamic drives on Windows 2000/XP/.NET. For a remote monitoring on such computers you need first to execute the command line tools DriveName.exe locally (available in the FileAudit folder) or install FileAudit locally.
• Improved: Probably support of cluster and SAN (not yet tested). We are waiting for your feedback.