Start a new topic

File and folder auditing

Hi Would be great if you could get your event sentry to perform files and folder auditing on file servers a lot better then using windows file auditing. Our lepide audit tools uses it own agent and it tracks who and when someone accessed a file when it comes to read, write, modify, delete, etc. Issue with windows built in auditing when someone modifies a file it acts as a delete and them create a new file same goes when some moves a file as well which is not accurate, etc. It would be good if you folks used the built in agent you already have to setup and create better file system monitoring then using windows native solution. Also it would be a lot easier to detect ransomware attacks as if you can properly detect file rename then you could trigger alerts if let's say 100 files get renamed in 1 minute to send an email notification and set it to run custom scripts similar to how our lepide audit tool works. Having this built into your event semtry seem would allow us to only have to use one tool and could put you folks In a better place to sell more product as it would have most features needed for auditing for companies purpose. I know this is not something that would happen overnight but would be a great addition to your product if it could be added within the next year
1 Comment

Thank you for the suggestion. This feature was considered many years ago, but was put on hold again due to the complexity. The only way to obtain the type of details we would require is the development of a driver, which is a significant undertaking. 

While it's definitely something we're interested in, file monitoring is only one of many EventSentry features. And the benefit of native driver-based monitoring, while certainly useful, would be somewhat limited.

We will definitely take your input into consideration. 

1 person likes this
Login or Signup to post a comment