What's new in FileAudit 6
- Alert history reports
- Database Manager becomes Maintenance
- Audit configuration maintenance
- OAuth2 authentication for FileAudit email alerts
- Faster loading speed for FileAudit reports
- Improved MSP web communication error
- Download FileAudit
- File or Folder Move
- New predefined report
- New favorite report
- New parameter for alert
- New export available
- Download FileAudit
- File or Folder Rename
- Schedule NTFS Permissions and Properties Reports
- Favorite Reports
- Exclude Events coming from Non-Audited Paths
- SQLite as default Database
- Download FileAudit
- Audit simple and advanced NTFS permissions
- View file and folder properties
- New reports
- New compatibility
- Download FileAudit
FileAudit 6.5 (beta)
FileAudit alert history reports spare you the pain of scrolling through FileAudit alert emails to spot patterns and identify issues. Now, your alert history comes together in one place, so you can:
- Cut the noise with powerful filters to zoom in on the information you need and more easily catch issues.
- Get actionable information to:
- Spot potential security risks when a user sets off repeated alerts or regularly attempts access outside of normal working hours
- Identify needs for more end-user training or communication to reduce future alerts
You’ll notice that the Database Manager tile is now Maintenance, allowing for a new update that allows audit maintenance (details below).
New: Ensure compliance with scheduled, automatic maintenance of audit configuration on audited servers and paths
In the “Maintenance” tile, you’ll see a new “Audit” tab. Now, you can schedule regular maintenance of your audit configuration on audited servers and paths. These maintenance tasks check that your audit configurations have not been modified or overwritten by a GPO, and reconfigure them if necessary.
If you use a Google or Microsoft mailbox for FileAudit alerts, you can now replace SMTP authentication with the more modern OAuth2 authentication protocol.
You can now spend less time on reporting since your FileAudit reports now load faster, use less service memory, and have no impact on GUI.
A more detailed error message now allows you spot the problem faster when you have a web communication issue accessing and/or setting up a new MSP license key.
Report on changes to NTFS permissions and gain better insight into access rights across the entire file system directory
NTFS Permission changes are a Windows access type event. An attempt to change the permission of a selected file/folder is monitored by FileAudit and stored in the FileAudit database, similar to other access events.
- Oversee all NTFS permission changes for every impacted user/group on a file/folder.
- Drill-down to view the detailed information of permissions added, removed or modified.
- Get actionable information such as the name of the user who changed the permission, whether the assigned permission is a denied or allowed right, the permission rights prior to the change, and whether the change is inherited.
- The table-based results enables comprehensive filtering, making this tool extremely simple to use.
Copy your data to a new production database (MySQL, SQLite, SQL Server or MS Access).
See details here.
Transfer data from one database provider to another one (MySQL, SQLite, SQL Server or MS Access). Regular transfers can be scheduled according to set criteria. FileAudit removes the data from the production database after a transfer has been completed.
See details here.
A file or folder moved within the same Windows file server can now be detected by FileAudit 6.3 as an access event “move”.
Having the ability to track file and folder movement, provides the granular access information required for enhanced security and compliance audits.
In the 'All Access Events' view, this real-time movement of files or folders is displayed as a single-line event.
In addition, a new predefined report can now be used: "File move".
In the ‘All Reports’ view you can directly select your new report ‘File Move’.
Also available on alert filters is the new access type "move".
In FileAudit 6.3 a new export for Excel (.xslx) is now available
FileAudit can now track, alert on and audit whenever a file or folder is renamed.
A single-line event of the change is displayed in the ‘All Access Events’ view.
A new predefined report is also available: “File Rename”.
With FileAudit 6.2, you will now be able to schedule the following reports: “Simple Permissions”, “Advanced Permissions” and “File and Folder Properties”.
In the “All Reports” view, you can now select your favorite reports to be also displayed on the main dashboard. Choose a favorite by simply clicking on the ‘star’ of the report tile.
Note: There is no limit on the number of reports.
Previously, a small number of events from non-audited paths would be displayed in FileAudit. This was due to either the NTFS audit being manually configured or another tool’s audit configuration.
To ensure only the events from an audited path - configured in FileAudit – are seen, a new exclusion filter can be set in the scan settings of FileAudit.
You have the option to either enable or disable the exclusion.
FileAudit 6.2 now offers SQLite as the default database. It has free unlimited capacity.
Monitor all simple and advanced NTFS permissions of your files and folders to ensure data security and compliance.
FileAudit 6.1 allows you to have a centralized view of the NTFS permissions (simple and advanced) of your files and folders.
To do so, the software scans all the audited paths you have defined, and saves the information in snapshots. The generation of a snapshot can be done instantly or scheduled at a different time.
You can then filter the results by column (by account or permission type for example) to only focus on the relevant data you need.
Get a clear overview of your file and folder properties to easily track and manage disk usage while getting insightful information.
FileAudit 6.1 allows you to have a complete and centralized view of your file and folder properties such as size, attributes, creation date, last modified date and last access date.
Here again you can filter the results by column (by file size or last access date for example) to only focus on the relevant data you need.
Predefined reports are now available.
With FileAudit 6.1, you now have access to several predefined reports grouped into 3 categories:
- Summary Reports
- Permissions Reports
- Access/Denied Access Reports
More info on the reports here
FileAudit is now compatible with SQLite databases.
Audit accesses on files stored by OneDrive for Business, G Suite Business, Dropbox Business and Box.
Traditionally, FileAudit monitored files and folders on Windows Active Directory-based servers, but with the release of Version 6.0, IS Decisions has extended FileAudit’s monitoring capabilities to major cloud file storage providers.
Now, if you’re managing your organization’s storage with a mixture of on-premises and cloud storage, FileAudit gives you a consistent view of the security of your data across all your storage servers —from one tool and one consolidated dashboard.
- Real-time and historical audit trail of who accessed critical files, what they did (including Copy, Rename, Move and Shared), and when they did it.
- Alerts on actions deemed abnormal to help quickly identify inappropriate file activity and potential abuse.
- Comprehensive and centralized reporting to give precise answers to questions about malicious access, alteration or the destruction of sensitive files.
- Robust filtering capabilities help quickly answer the questions.
Organizations must achieve the same levels of visibility over access to and usage of file data in the cloud as they have enjoyed for years on-premise. A single, consolidated view of all file activity – both in the cloud and on-premises – will reduce the risk associated with allowing users anytime, anywhere, any device access to cloud-based file data.
Trigger a specific action when something is detected by one of your FileAudit alert rules. Create a script and allow it to run whenever the alert is triggered.
This method allows you to automatically react to an abnormal or suspicious event. For example you could execute a script to shut down the machine or logoff the user.