Knowing who accessed files or directories is indispensable for large companies. But keeping an eye on file accesses manually is way too time-consuming. That is where our file audit sensor solution comes in handy:
Once auditing is enabled on your target system, all types of accesses on the configured files and directories are logged in the Windows security event log. Using the file audit sensor, ServerSentinel can inform you once an event is written to the event log.
The sensor shows you information about who accessed files or directories and if the action was authorized as well as the type of access.
As an administrator I want to know who has deleted a file or directory in the past that should not have been deleted.
As manager I want to get notified when someone accesses critical or confidential data in the file system to that access is very restricted. The notification must include the username of the account that accessed the data.
As an administrator I want to know who has changed, created or accessed a file or directory in the past.
As an administrator I want to be notified when a file or directory was deleted, changed or created and who it was to make sure that the operation was performed by an authorized person.
As an administrator I want that a user is notified by mail when he drops non-conform files to inform him that he violates a policy.
Finished choosing a sensor? Then take the next step!