File Access Tracking

File Access Tracking collects all successful file access activity that is logged by the Operating System when auditing on a directory and/or file is enabled.


Download Now Request a demo

File Access Tracking collects all successful file access activity that is logged by the Operating System when auditing on a directory and/or file is enabled. You can utilize this feature to either capture all file access activity or only capture file access activity on security-sensitive files and folders. File Access Tracking can report on.

  • files being added to a directory
  • files being deleted from a directory
  • files being modified
  • other file changes such as permission or ownership changes

Like most features, file access tracking can be customized to only capture specific file access (e.g. write access) and you include/exclude files based on patterns like extensions.

Additionally, file access tracking can include the following information about a file change:

  • The username of the user who performed the action
  • The computer and/or IP address from which the action was performed (optional)
  • The process which performed the action (unless performed through a file share)

File Access Tracking requires that auditing is enabled on all folders that are being monitored with the file access tracking feature.