Version History
FileAudit 6.6 beta Released: April 3rd, 2025
Added
- Support for x64 architectures – the service now runs as a 64-bit process.
- Display of archived databases in a dedicated list.
- New report filter to switch between archived and production databases.
- Predefined scripts to automate alert responses.
Removed
- Option to deploy all permission changes at once from within the report.
- Cloud debug and informational log entries.
Improved
- Permission change reports now consume less memory.
- Support for long file paths.
- Logging of the cluster name (if available) in the AccessEventAnalyzer.
- Report generation performance by using a new query that excludes OldSD and NewSD in all reports except permission and owner changes.
- Memory is now released for report data when refreshing a report in the console.
- Refactored archiving and migration logic to use event blocks based on time rather than database event IDs.
- Additional log entries during the database archiving process.
- Enhanced logging during OAuth2 authentication.
- Additional log entries during maintenance processes.
Fixed
Discover the bugs fixed
- Archiving using SQL Server with Windows Authentication indicates success even if it was a fail.
- Configured path state incorrectly changed to "Not Configured" if the remote server was unreachable during a maintenance task.
- Maintenance task doesn't ignore manually configured paths.
- Under certain conditions, some data could remain in the database after archiving.
- Granular archiving failed when source and destination SQL Server databases contained identical records.
- Infinite loop when disconnecting from FileAudit Cloud.
- Events not displayed in real time for reports using the new improved query excluding OldSd and NewSd.
- Memory leak when translating OldSD and NewSD for permission change detection.
- Maximum packet size exceeded when streaming WCF messages.
- Lock protection on streaming access events after direct database access failure in the console.
- Duplicate script names appearing in the list of executable scripts.
- Error message in alert configuration after open and cancel scripts settings without doing any changes.
- "To" date and time selection was not greyed out when set to "Last Event".
- Memory leak during scheduled maintenance.
- After the trial period ends, the service continued to connect to the cloud and triggered service events.
- Error while checking for @ONEDRIVE during the FileAudit maintenance task.
- Memory leak during report generation using streaming.
FileAudit 6.5 Released: November 30th, 2023
Added
- New alert history report.
- Ability to export and schedule the new Alert history report.
- Automation for audit configuration maintenance.
- OAuth2 authentication for email notifications.
Improved
- Database Manager view becomes Maintenance view.
- Faster loading speed for FileAudit reports.
- MSP web communication errors.
Fixed in 6.5 Beta
Discover the bugs fixed
- Archiving process doesn't remove source access events data if the snapshots archiving fails.
- Reset Layout doesn't work with the group box in the Advanced permissions report.
- Connecting to SQL server database without permissions doesn't generate an error message.
- Setting SQL server database with no server name is allowed generating an error message.
- Database migration from SQL Server to MySQL database never ends.
- The permission report can be incomplete if a file cannot be accessed.
- Database version not detected properly.
- Database information is not loaded when changing the database.
- Tab to get next field in "Add new script" dialog goes in disorder.
- No French translating on Impersonation accounts view.
- Favorites setting is not keept after closing the console.
- Only the first path is displayed on a PDF export of the "File and folder properties" report.
- Unhandled exception is generated with a Token's permission change event.
- Error when opening "Change permission" report on a remote console.
FileAudit 6.4 Released: October 6th, 2022
Added
- Ability to audit changes to NTFS permissions.
- New report "Permission changes" including "old" and "new" permissions.
- Ability to migrate and archive the production database on demand.
- Ability to schedule the archiving of the database.
Improved
- New dynamic variable with the new path location of a moved file or folder for the single alerts.
- Performance scan of the NTFS audit configuration for diagnostics.
- Added translated fields in the RAW data format for the scheduled reports "Simple Permissions" and "Advanced Permissions".
Fixed in 6.4
Discover the bugs fixed
- At service start-up an exception can be triggered when accessing the events analyze queues dictionary.
- Error login with the impersonation account when connecting to an audited server if the account belongs to the Protected Users group in Active Directory.
- Japanese characters in the header slogan are not displayed in the reports.
- The event analyze queue sometimes freezes if the impersonation fails.
FileAudit 6.3 Released: November 30th, 2021
Added
- Detection of the access event "move" on an audited server.
- Filter alerts, reports, and scheduled reports with the new access type "move".
- New predefined report for the access event "move".
- Ability to export reports in .xlsx format.
Improved
- New dynamic variable with the top local folders for the mass alert notification.
- Ability to exclude accounts in the scan options for cloud access audit.
Fixed in 6.3
Discover the bugs fixed
- In some circumstances the database is not updated when the service starts.
- The access audit fails if the audited path name contains special characters with accents.
- Files with a path longer than 260 characters generate a PathTooLong exception.
- Changes in the parameter to define the days to keep snapshots is not refreshed correctly in the view.
- Unhandled exception exporting reports with more than 65000 lines in XLS format.
- Renaming a scheduled access event report is not possible.
- Mass alert doesn't work for cloud access events.
- When UseFullPathForCloudProviders advanced settings is enabled the file name contains slash and not backslash as usual.
- TopFolders dynamic variable can display the same path because it is case sensitive.
- Changes in scan options are not displayed properly.
- In audit paths report, the filtering of paths doesn't work.
- In Windows servers report, the filtering of servers doesn't work.
- Diagnostic process loses the connection with FileAudit service if the "Log System Information" take more than 2 minutes to be retrieved.
- A console when remotely connected to the service, uses the local SQLite database if exists, when it should use the remote service SQLite database.
- Unhandled exception when accessing to audit paths report for an user with only audit permissions.
- Changes in the permissions of FileAudit are not saved.
- Snapshots tile should be denied for a user with only audit permission.
- Filtering on a group with more than 1000 members with a SQLite database is generating an error.
- Under some specific circumstances file deletions are displayed as read events.
- The system cannot find the file specified error (2) while scanning permissions.
- Cloud Audit view is disabled after a subscription.
- The TruncatePath advanced settings doesn't work in the snapshot generation.
- Memory not disposed properly when scanning folders and files.
- Unhandled exception checking the object access audit policy generates a service warning every half hour.
- Changes in the access type or object type filters are not saved in the alerts.
- A false rename access event could be registered under certain circumstances.
- Unhandled exception displaying advanced permissions report.
FileAudit 6.2 Released: July 29th, 2020
Added
- SQLite database as default database.
- Ability to exclude events from not configured paths.
- Ability to select your favourite reports in the dashboard.
- New filters for simple/advanced permissions and file and folders properties reports.
- New scheduled reports, simple/advanced permissions and file and folder properties, related to scheduled snapshots.
- Ability to audit rename access events.
Improved
- Subscription to Cloud providers, by using an external browser.
Fixed in 6.2
Discover the bugs fixed
- Unhanded exception when selecting to display the auto filter row option on the grid view of the permission reports.
- The access event scan can be blocked if there is a snapshot running at the same time.
- Unhanded exception getting the snapshot list just after removing one of them.
- In the file/user views some icons can be removed.
- Unhanded exception when clicking in top files/users in Statistics view.
- Snapshot generation can get stuck in running state if there are some scan warnings.
- In access reports the status icons are not according with the text.
- Deadlock scanning events under certain conditions.
- The service tries to connected to the Cloud provider when it shouldn't be.
- Unhanded exception by clicking on the top 5 files but outside the bar and the text in the user view.
- Activating the audit from the servers view can lost the IP address of the configured server.
- The monitoring of the server stays disabled when disabling and enabling the audit on the servers view.
- Scripts with commands which need privilege elevation cannot be executed as a no default administrators in the servers.
- In the users view the filter doesn't work properly according to the date and hours selected.
- Alerts are not triggered when the process filter is used.
- Memory leak scanning AD groups.
- Events scanned several times when RecordID needs to be truncated to be registered in a MS Access database.
- On a Turkish platform, OneDrive auditing cannot be enabled.
FileAudit 6.1 Released: November 25th, 2019
Added
- Ability to scan file/folder permissions and properties, on demand or scheduled.
- New reports to analyse file/folder properties, basic permissions and advanced permissions.
- New predefined reports for access events.
- Supports SQLite database.
Improved
- Excluded hours from Alerts to allow configuration ranges between two different days.
- Advanced setting UseFullPathForCloudProviders to allow to display in the path file the owner of the resource.
Fixed in 6.1
Discover the bugs fixed
- Changes in the alert execution tab are not updated in other alerts using the same script.
- Alert script execution doesn't work if there is an impersonation account and no working directory in the script settings.
- Scheduling Denied access report doesn't keep predefined filters.
- Communication error loading statistics view in a remote console.
- Client IP addresses are shown in top 5 sources, of statistics view, instead of client names.
- Access Evolution graph doesn't load all the figures if there are more than 500000 events.
- Access denied when exporting from All Access view using a remote console with just Audit permission.
- The MySQL 8.0 drivers ODBC are not supported.
- In the view audited servers, a server is displayed as audit inactive, when the object access is disabled but it has been configured manually.
- Disable the audit, in the server view, doesn't work when the advanced object access policy has been configured manually.
- The servers view is not updated after opening the server details popup, due to a change in the object access policy check.
- Unhandled exception thrown when loading statistics view.
- Unhandled exception when clicking on the numbers of statistics view.
- Web shortcuts in the Help menu do not work in some cases.
- The console may hang when displaying the audited servers and there is much file access activity.
FileAudit 6.0 Released: May 15th, 2019
Added
- Ability to audit accesses on files stored by OneDrive, Box, Dropbox and Google Drive.
- New accesses on files stored by OneDrive, Box, Dropbox and Google Drive (Copy, Rename, Move, Shared etc...).
- New Cloud Audit view in the console.
- Ability to start a process when an alert is triggered.
- New Subscription licenses.
- Ability to remove service events in console Warnings view.
Improved
- Windows Servers and Windows Paths views.
- Event Details view.
- Sync process of Active Directory group members.
- Console Statistics view.
FileAudit 5.5 Released: February, 2018
Added
- New view - access events performed by a specific user.
- New view - access events performed on a specific path/file.
- New view - event details by double clicking in the event.
- New tool (FileAuditReporter) available in the installation folder to access archived databases.
- Ability to generate a scheduled report without sending it by mail.
- Ability to select the folder where the scheduled reports are saved to.
- Ability to keep the history of all scheduled reports.
- Ability to restart the FileAudit service when changing remote connection settings.
- Send notifications to Slack.
Added in 5.5.1:
- Compact MS Access database after events cleanup.
Improved
- Save system in the Settings section.
- Warning notification for any errors whilst generating scheduled reports.
- Tiles in the Welcome Dashboard are greyed out when access is not authorized, according to user permissions.
Improved in 5.5.1:
- Backup of the ServiceLog file when its size is above 1MB while the service is starting.
- Improve the service shutdown while enumerating Active Directory group members in large environments.
- Revoking a server licence removes now all related events in the database asynchronously.
Fixed in 5.5.1
Discover the bugs fixed
- Service warnings related to database size are not sent by email.
- Some warnings makes the Service Warnings section inoperant.
- Administrator permission is required to access the File Access Viewer with a remote console.
- Database maximum size displayed in the EventCleaner information is not correct according to the SQL Express version.
- Alerts are triggered for files whose name, not extension, matches a file pattern extension defined in the alert.
- In rare cases, an unexpected exception is thrown in the FileAuditAgent process.
- The database connection string is not updated in scheduled reports using raw data when it is modified.
- Error serializing and de-serializing the impersonation account passwords when they include some special characters.
- An exception is thrown in the console when the audit verification takes more than 2 minutes.
- In certain conditions, querying the database to generate a report triggers an uncontrolled exception.
- Sometimes, the Access database estimated size is far from the real database size.
- An exception can be generated in the EventCleaner view when the service is overloaded.
- In some conditions, raw data scheduled reports do not work if the service is using SQL authentication.
- When the evaluation license expires, several exceptions can be thrown in different views of the console.
- Database insertion exceptions are displayed in the service warnings as duplicate errors, hiding the real exception.
- Scheduled reports emails are sent without attachment due to denied access to reports generated in shared folders.
- If several service warnings are created at the same time, only one is displayed.
- Inactivity incidents can be notified again even though they already were notified.
- Date and time label of the group in File Access Viewer is not updated with the new events.
- Mass alert view loses its specific settings.
- An error is displayed when a scheduled report is configured with no email address.
- The UniqueId database values for on premise events are not correctly generated.
- In FileAuditReporter, launching a File Access Viewer report displays an error message.
- In FileAuditReporter, database access fails when the connection string uses SQL authentication.
- In FileAuditReporter, the "Group by Object Type" setting displays "0" and "1" items instead of "Folder" and "File".
- In FileAuditReporter, the "Group by Client Ip Address" setting does not work.
Fixed in 5.5
Discover the bugs fixed
- Scheduled reports filtered by "Current..." queries the database with wrong dates after the first execution.
- If there is only one single administrator for FileAudit, it is possible to deny access to the console for everyone, if their administrator permissions are removed.
- Syntax to exclude a user in the User filter is not coherent with the syntax to exclude a group in the Group filter.
- Object Type filter in the File Access Viewer and scheduled reports in the French version doesn't filter correctly.
- Console hangs when deleting events from the database in the license revocation process.
- Installation .exe file's details have incorrect copyright info.
- Publisher field in the "Programs and Features" Windows dialog is wrong.
- Access to "File Access Viewer" with a remote console and without "Configure settings" permission generates an exception.
FileAudit 5.2 Released: April 11th, 2017
Added
- Support for Windows Server 2016.
- Email notifications in case of a new FileAudit service event.
- Ability to filter access events by Active Directory groups. Available in alerts, scheduled reports and the File Access Viewer.
- Ability to filter access events by object type (file or folder). Available in alerts, scheduled reports and the File Access Viewer.
- New FileAudit service event when no file access event has been detected for more than three consecutive days.
- Ability to display the machine name in addition to the IP address when access is made remotely to a file share.
Fixed
Discover the bugs fixed
- Database connection error may generate an exception in FileAudit Settings.
- Wrong language message in FileAudit service warnings.
- Communication between the service and the console may generate an exception when an event's access mask contains an unsupported value.
- Milliseconds missing in the date and time column of the csv file generated from the File Access Viewer.
- Reconfiguring NTFS audit on a path doesn't propagate in sub-folders if root folder is already configured.
- Clicking Check for updates may generate an exception.
FileAudit 5.01 Released: January 25th, 2016
Improved
- The 'Hours' tab of the Alert configuration has moved to 'Excluded hours' tab with a new layout more ergonomic.
Fixed
Discover the bugs fixed
- When FileAudit doesn't find the name of the drive, the drivename.exe is not automatically launched.
- Duplicate records may be inserted in the FileAudit database on specific environment.
- The "g" character is truncated on the second line of the Recipient tile in the Recipients tab of the Alert configuration view.
- Changing the database connection string in the FileAudit configuration may cause a service deadlock.
- Scheduled reports are not correctly updated after a major upgrade during which the installation folder changes.
- Some events could be lost during massive accesses.
- Saving Alert modifications from a remote FileAudit console was displaying an error message although everything was correctly saved.
- When FileAudit monitors more than 10 servers, additional servers may not be monitored properly.
FileAudit 5.0 Released: September 17th, 2015
Added
- FileAudit detects and displays the source IP address when the access is done remotely through a share.
- Alerts can be triggered when a user performs a number of accesses deemed beyond the tolerated threshold for a defined period of time.
- Ability to trigger an alert on access out of business hours.
- FileAudit now supports MySQL as database system.
- Statistics can be displayed for a set of folders/files that can be chosen amongst all the paths registered as audited.
- It’s now possible to add a corporate logo in the printed/exported reports.
- It’s now possible to check the availability of new versions, direct from the FileAudit Console.