Netwrix has moved beyond simple logging into security monitoring. You can set thresholds for alerts.
| Report Name | Example Output | |-------------|----------------| | | Shows which users accessed the most files in Finance share last week. | | Changes to Sensitive Folders | Lists every modification to \\corp\HR\Salaries with old/new values. | | Unauthorized Access Attempts | Failed access to \\corp\IT\DomainSecrets . | | Permission Escalation | Any addition of “Full Control” to non-admin users. | netwrix file auditor
| Feature | Netwrix File Auditor | Native Windows Auditing | |---------|----------------------|--------------------------| | | Low (GUI‑driven) | High (SACL editing, event log forwarding) | | Performance overhead | Low (kernel filter) | Moderate to high | | Change details | Old/new values, source IP, process | Limited (only success/failure) | | Reporting | Pre‑built, schedulable, email‑ready | Requires log parsing (PowerShell/SIEM) | | Retention management | Automatic SQL pruning | Manual or scripted | Netwrix has moved beyond simple logging into security