See all insights
FileAudit is an agentless, remote and non-intrusive file access auditing software. Before adding folders and files to audit, we need to define some settings.
Hi everyone, welcome to the FileAudit Tutorial. With this video we're going to run through the basic settings of FileAudit. Before adding folders to audit, we need to define some settings.
By default, the FileAudit service is configured to log on as the local system account which doesn't allow the auditing of other machines. To register different impersonation accounts to be used instead of the local system account, click on “Settings” and go to the “Accounts” section. Enter the local administrator account of the file server you want to audit remotely. You can add as many accounts as you need if you have several servers to monitor.
You also need to check the Firewall exception list. The remote audit communication requires the ICMP and the File and Printer sharing for Microsoft Networks Protocols. Check that the Firewall on the FileAudit host and on the target fileserver authorizes these two protocols. Also ensure the Remote Event Log Management is enabled in the Firewall Exceptions list.
Let's now define the E-mail settings used to send any report or alert. To automatically send reports and real-time alerts for specific access events, FileAudit requires the configuration of an SMTP server. To do that you just have to type the server, the port and from what address you want to send these emails. If necessary, you can choose and define the authentication through one of two ways: the Windows authentication mode which uses FileAudit service credentials or the provide credentials mode where you can simply define the credentials to use. You can also switch on “Use SSL encryption”. Once finished, click on the back arrow to save changes and go back to the FileAudit hub. Basic settings are now defined.
Let's see on the next video how to audit a folder.
Free number for US & Canada: + 1-800-492-3951
GMT +1: +33 5 59 41 42 20
© IS Decisions