File and Folder Access Alerts & Response

FileAudit e-mail alerts can be immediately triggered when specific access events are detected. React to the alert with an automated response, direct from the FileAudit console.

The events that trigger the alert can be defined, as can the recipient(s) and message content. With FileAudit an organization can instantly identify and automatically remediate any access that is not in line with its security and compliance policies.

Real Time Alerts on inappropriate Access Events

Single Access Events

Real-time alerts on predetermined events, such as a file deletion, a denied access, or access by a monitored suspicious user or IP address, automatically trigger an email to selected recipients, enabling a quick reaction when necessary.

Mass Access Events

By monitoring the frequency of an access type to files and folders, bulk copying, deletion or movement of files can also be detected and alerted on.

Alerts can be customized based on specific criteria, including:

  • File and folder
  • User and group
  • Access & object type
  • Access time
  • Access frequency
  • Machine name & IP address
  • Process name

Different access types include:

  • A user tried to open a file in ‘Read’ mode
  • A user tried to modify a file or folder
  • A user tried to delete a file or folder
  • A user tried to execute an executable file
  • Write attributes: a user tried to modify a file attribute (e.g. the Read-only or Hidden checkboxes)
  • A user tried to take ownership of a file or folder
  • A user tried to change the permissions on the file or folder
  • A user moved a file to another directory
  • A user copied a file
  • A user created a new file
  • A user renamed a file
  • A user shared a file to another user

* Available only for certain Cloud Storage Providers.

Mass Access and Alteration Event Alerts

FileAudit can also send alerts for bulk file copying and mass file deletion or movement. This new type of alert monitors the frequency of an access type to files/folders performed by the same user.

Alerts can then be triggered when a user performs a number of accesses deemed beyond the tolerated threshold for a defined period of time.

Different mass access types

Bulk File Copying

When a significant number of read accesses are performed during a short period of time, it is likely that the user has executed a copy/paste file operation.

Bulk File Deletion Or Movement

When a significant number of deletions are performed during a short period of time, the user has either deleted or moved a number of files.

The alerts indicate the user name, the source, the date and time of the violation, and the alert parameters, making it easy to investigate the full access history further within FileAudit.

Alerts On Irregular Access Time

Minimize the risk from access outside of your regular working times by triggering alerts when files are accessed during non-business hours.

When configuring alerts, a new tab allows administrators to define, as an additional criterion, the business days and hours during which access to the specified path is considered ‘normal/regular’, i.e. the ‘established business hours’.

Any access outside the hours configured in this tab is then considered ‘irregular’ and triggers the alert if the other criteria are also satisfied.
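
The per-user frequency threshold described under Mass Access and Alteration Event Alerts and the business-hours criterion described above can be sketched as follows. This is an added example, not FileAudit's own code: the event tuple layout, the threshold, the window and the business hours are all assumed values chosen for illustration, and the sample records are constructed.

```python
from collections import defaultdict, deque
from datetime import datetime, time, timedelta

# Assumed policy values for illustration; not FileAudit defaults.
THRESHOLD = 5                     # accesses of one type tolerated per window
WINDOW = timedelta(seconds=60)    # the "defined period of time"
BUSINESS_DAYS = {0, 1, 2, 3, 4}   # Monday to Friday
BUSINESS_HOURS = (time(8, 0), time(18, 0))

def is_irregular(ts):
    """True when an access falls outside the configured business days and hours."""
    start, end = BUSINESS_HOURS
    return ts.weekday() not in BUSINESS_DAYS or not (start <= ts.time() < end)

def detect(events):
    """events: time-ordered (timestamp, user, access_type, path) tuples."""
    recent = defaultdict(deque)   # (user, access_type) -> timestamps still in window
    alerting = set()              # keys already over threshold, to avoid repeat alerts
    alerts = []
    for ts, user, access, _path in events:
        key = (user, access)
        q = recent[key]
        q.append(ts)
        while ts - q[0] > WINDOW:         # expire accesses older than the window
            q.popleft()
        if len(q) > THRESHOLD:
            if key not in alerting:       # alert once per burst
                alerting.add(key)
                alerts.append((f"mass_{access}", user, ts))
        else:
            alerting.discard(key)
        if is_irregular(ts):
            alerts.append(("irregular_time", user, ts))
    return alerts

def sample_events():
    """Constructed audit records: a burst of reads, normal reads, an out-of-hours delete."""
    base = datetime(2024, 3, 4, 10, 0, 0)  # a Monday morning
    ev = [(base + timedelta(seconds=i), "alice", "read", f"/share/hr/f{i}.docx")
          for i in range(7)]
    ev += [(base + timedelta(minutes=5 + 2 * i), "carol", "read", f"/share/docs/n{i}.txt")
           for i in range(3)]
    ev.append((datetime(2024, 3, 9, 23, 30), "bob", "delete", "/share/fin/q1.xlsx"))
    return ev

if __name__ == "__main__":
    for alert in detect(sample_events()):
        print(alert)
```

Tracking which user and access-type pairs are already over threshold keeps one burst from producing an alert on every subsequent access.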

Automated Response To Access Alerts

In addition to real-time monitoring and threat identification, potential threats need to be acted on.

FileAudit can take immediate action on an alert without waiting for IT to intervene. A customized script can be created and run whenever a specific alert is triggered.

Shut down a machine or log off the user. Act on potential threats before any damage is done.

  • Alerts can be specified for successful or unsuccessful access attempts, or both.
  • As well as being emailed, all alerts can be viewed and modified in the FileAudit console.

With FileAudit Access Alerts, organizations can quickly identify inappropriate access that needs to be reviewed and remediated, significantly reducing the risk of internal threats.


