Navigation: Monitoring with EventSentry > Compliance Tracking > File Access Tracking >
Access Masks & Filter
|
Navigation: Monitoring with EventSentry > Compliance Tracking > File Access Tracking > Access Masks & Filter |
|
|
You can specify which types of file access are being tracked to ensure that only relevant events are being recorded in the database. Additionally, you can setup file filters to include or exclude files that match a pattern.
Access Masks Windows distinguishes between the following access masks when recording file access activity, either through regular or operational events:
For example, to track when users change files, make sure that WriteData and AppendData are both selected. To record when files are deleted, make sure that Delete is checked.
Filter The default filter ("Include") includes all files but lets you specify exclusion on a by case basis. For example, you could exclude all files that have a tmp extension by specifying the following filter:
*.tmp
Please note that the file filter is compared to the full file name including the file path.
|
