|File Audit – Release Notes|
File Audit - Version 3.03Added : Support of Windows Vista and Windows Server 2008 object access events.
Added : Support of Windows Vista and Windows Server 2008 User Account Control.
Fixed : You could not invoke FileAudit from the explorer context menu in Windows Vista and Windows Server 2008.
Added : Ability to manage NTFS audit configuration on file and folders directly from FileAudit (Tools menu).
Improved : FileAudit now configures the NTFS audit in order to minimize the number of events generated in the security log.
Fixed : A problem while exporting a report with wide characters in PDF.
Fixed : Exported xls files were unreadable by MS Excel.
Added : Ability to filter out file accesses done by specific executables. You can exclude your backup program, or your anti-virus for example. Go in the options to configure this.
Added : Ability to filter out accesses to specific kinds of files (e.g. temporary files with a TMP extension). Go in the Options to configure this.
Fixed: The revoke license button was not working when the license dialog box was displayed during the startup of FileAudit (evaluation period expired).
Improved: The administrator is notified (warning event or messagebox) if events have been lost since the last security log scan.
Improved: The check of the object access audit.
Fixed: FileAudit was sometimes unable to check the NTFS audit configuration on files/folders.
Improved: Clusters are now managed with their virtual name and not with the name of their active node.
Fixed: The path filter was not working for shares at the root of a disk.
Added: Ability to change the logo in the report (tools menu-->Logo configuration).
Improved: FileAudit only loads needed events from archives in order to display events faster and use less memory (a From time limit need to be set).
Fixed: FileAudit was not displaying denied accesses to folders.
Fixed: The title of the option sheet or the file access property sheet was indecipherable in some cases.
Fixed: FileAudit was not able to check the NTFS audit configuration on mapped network drives.
Improved: Error events are inserted in the event log if the scheduled scan fails for some computers.
Added: The database cleaner allows to regularly remove old access events from the database.
Fixed: The required ActiveX component comdlg32.ocx was not installed with the product.
Removed: The ability to detect the difference between the file deletion and a file move or rename operation. The result was too random.
Fixed: Line feeds were invalid in the CSV export
Fixed: FileAudit didn't propose to configure the audit for local files and folders
Fixed: A bug while configuring the NTFS audit on files or folders
Fixed: During scheduled scans the NetBIOS name of the computer was not inserted in the database
Added: The shell extension (FileAudit in the Windows explorer context menu) is now also available on x64 computers
FileAudit 3.0 beta 2
Added: the help file was updated. The online version is available here
Added: The license system was added. Existing customers covered by the maintenance can now ask for their new FileAudit 3 license key. The evaluation version will allow you to audit files on two computers during 30 days.
Improved: FileAudit can now detect the difference between a file deletion and a file move/rename operation.
FileAudit 3.0 beta
Added: Accesses can be displayed in a printable report
Added: FileAudit can be used without the explorer but the explorer context menu still works.
Added: All access events are kept in a database
Added: The scan of security logs in order to automatically retrieve access events in the FileAudit database can be scheduled using the FileAudit options
Added: Ability to apply an additional filter according to access type (read, write, delete...), the name of the user and a time range.
Added: Reports can be generated automatically by saving a filter and by scheduling a batch using this filter.
Added: If the NTFS audit is not configured on a file/folder to audit, FileAudit will propose to configure it automatically.
Improved: Filter of useless access events (e.g for folders, only delete, permisions change and take ownership events are audited)
Improved: If the same access event occurs several times in the same second FileAudit keeps only one event
Improved: Better analysis of access events.
Important! With this new version FileAudit will be licensed according to the number of servers on which you want to audit file accesses.
Fixed: FileAudit should now work for all kind of clusters or SAN disks
Fixed: The event description was not correctly displayed on Windows 2003 servers
Removed: The "From/Where" button because this feature doesn't work anymore on Windows 2000/2003 servers.
Fixed: The FileAudit window was displayed in other cases that clicking FileAudit on the context menu. For example while opening a start menu folder.
In order to upgrade FileAudit you need to:
Uninstall the previous version
Logoff and logon again
Install the new version
Added: Support of Windows 2003 servers
Fixed: a bug when invoking FileAudit on the root of a disk or a share
Fixed: a bug disallowing to display deleted files in some cases
Improved: a warning message if the audit is not enabled on the server
Improved: a warning message if the audit is not configured for the file or the folder
Improved: a warning message if the security log is full
Improved: a warning message if the user doesn't have administrative rights on the server
Improved: In the status bar FileAudit displays the number of audit accesses for the current file or directory/the total number of audited accesses on the server
Improved: If no object access audit events are found FileAudit displays a warning message in the status bar.
Improved: Support of dynamic drives on Windows 2000/XP/.NET. For a remote monitoring on such computers you need first to execute the command line tools DriveName.exe locally (available in the FileAudit folder) or install FileAudit locally.
Improved: Probably support of cluster and SAN (not yet tested).
Free Product Download
© 2002-2011 Engagent