File Auditing and Monitoring
for Windows File Servers & Cloud Storage


The Challenge

Whether your goal is to protect your data, prevent ransomware, or meet compliance (or all of the above), you need to track who has access to your files, when, and what they do with that access. But manually monitoring and auditing file access (and access attempts) is time-consuming and overwhelming.

The challenge is even greater for environments with a mixture of on-premises and cloud storage.

The Solution

Protect data across your entire environment – both in Windows File Servers and in cloud storage – with FileAudit’s real-time file monitoring, auditing, and threat prevention.

It’s like having eyes on everything happening to your files, 24/7.

Now you can monitor access, set up alerts, and immediately respond to suspicious activity – either directly or through a pre-programmed automated response. Access to any data is easy to identify and attribute to a specific, individual user. This accountability discourages an insider from acting maliciously and makes all users more careful with their actions. Not to mention, it’s also a common compliance or cyber-insurance requirement.

Even better, you can track, record, and report on all those file access events from a centralized audit.

Thanks to its non-intrusive agentless deployment, you can install FileAudit in less than five minutes – without the typical cost and effort of installation and maintenance on individual servers.

With visibility on all file activity across on-premises and in the cloud, now you can easily answer: “Who accessed your sensitive files today and what did they do?”

of organizations struggle to secure their hybrid file environment.*

Protect data across common use cases

  • Get visibility of all activity across all files, both on-premises and in the cloud
  • Safeguard against improper access, potential theft, alteration or deletion
  • Prevent ransomware by detecting massive file encryption and specific file extensions
  • Significantly reduce your auditing and monitoring workload
  • Respond instantly, and automatically, to threats
  • Perform accurate IT forensics
  • Meet compliance and insurance requirements

* From IS Decisions research report:
Under a Cloud of Suspicion

File and Folder Real-Time Activity Monitoring Pinpoint IP address and machine name Identify all access, access attempts and usage

Monitor all file and folder activity in real time

Tie a specific Windows user to all access, access attempts and usage of files, folders and file shares stored both on-premises and in the cloud with OneDrive for Business, Google Drive, Dropbox Business and Box.

Pinpoint IP address and machine name to know exactly where the user was when they accessed the file or folder.

Audit NTFS permissions & file and folder properties

Ensure data security and compliance by reporting on NTFS permissions for all your files and folders.

Get a complete and centralized view of your file and folder properties such as size, attributes, creation date, last modified and last access date. You can also track and report on NTFS permission changes, to see who made the change, what the change was, and when they did it.

NTFS permissions Properties
Email Alerts to File and Folder Activity Get alerts on a particular IP address Get alerts on a suspicious user

Get alerts on file and folder activity

Give proper attention to suspicious file activity and/or what may equate to a data breach. Get alerts on single access events such as a file deletion, a denied access, a suspicious user, a particular IP address, irregular access times, bulk file copying or mass file deletion and movement.

Respond automatically to stop potential threats

Immediately react to alerts with an automated response. Execute a script to take immediate action before damage is done.

An Automated Response to Potential Threats FileAudit can immediately react with an automated response
Centralized Audit and Long-Term Archiving An secure audit trail on several Windows systems An secure audit trail on cloud storage providers

Level up IT forensics with a centralized audit and long-term archiving

Access an always-available, searchable, and secure audit trail on several Windows systems and cloud storage providers, so you can give quick, accurate answers about who did what, when, and from where.

Customized File Server Intelligence and Scheduled Reporting Interactive at-a-glance access reports

Schedule reports and save time with customized file server intelligence

Get interactive, at-a-glance access reports of everything happening with audited data. You can also schedule reports, access predefined reports and save favorite reports to streamline your process. Take manual work out of your reporting process by setting up customized, regular reports delivered by email to specified recipients, satisfying auditing and regulatory requirements.

Faster, smarter auditing

Easy setup

Install in less than 3 minutes.

Intuitive & easy to use

Modern, intuitive and touch-ready user interface.

Agentless, remote and non-intrusive

Protect all file servers in a Windows environment and in the cloud with OneDrive for Business, Google Drive, Dropbox Business and Box.

Powerful filtering capabilities

Exclude irrelevant data and focus only on insightful and actionable information.

Performance and scalability

Optimize the audit to keep only relevant access events for monitoring.

Automated audit configuration

Automatically configure the auditing of selected files and folders.


For compliance & support with Windows Server 2022 and Windows 11.


Try it free - 20 days, full version

Minimum System Requirements

Operating systems

FileAudit supports the following operating systems for Audit service installation (as for Console installation):

  • Windows Server 2022, 2019, 2016, 2012 R2, 2012, 2008 R2
  • Windows 11, Windows 10, 8.1, 8, 7
  • The .Net Framework 4 is required

Take note that retrieving the IP address of the computer from which the access attempt has been performed through the network is supported for Windows 2008 R2 or higher File servers.

Hard disk

FileAudit installation files and folders require 60 MB of free hard disk space.

Additionally you have to consider the disk space consumed by the database to keep the file access events history: an access event audited by FileAudit consumes 0.5 KB of disk space when saved in the database. You can easily estimate the evolution of the database size by multiplying this value by the average number of access (known or observed during the test phase).


FileAudit supports the following database systems:

  • Microsoft Access database file (mdb)
  • Microsoft SQL Server Express 2008/2008 R2/2012/2014/2016
  • Microsoft SQL Server 2008 and newer
  • MySQL 5.6 and higher
  • SQLite

To facilitate FileAudit evaluation, the installation package integrates an "MS Access database" to archive all file access events. This free database type is limited to 2 GB by design.

We invite you to check the database size evolution during the first days using FileAudit to confirm that the database system you have chosen is correctly designed for your environment.

For all information on requirements

About IS Decisions

IS Decisions is a global software company specializing in Security and Access Management. Trusted by over 3400 organizations, it offers proven solutions for both small to medium-sized businesses (SMBs) and large organizations, including some of the most regulated and security-conscious in the world.

Download this DataSheet in PDF

PDF Version - 500 KB

Client - FileAudit