eG Monitoring
 

Measures reported by AudShrdFoldTest

Audit File Share allows you to audit events related to file shares: creation, deletion, modification, and access attempts. It also shows failed SMB SPN checks. The target Microsoft File server allows enterprises to store data in multiple folders and share the stored data among multiple users. Auditing is important to ensure data security. Tracking the creation and deletion of files/folders in the folders that are shared among multiple users is mandatory for administrators to keep tabs on the files/folders present in the file server and ensure data security. If a file/folder in the shared folders on the target server is deleted, either by unauthorized users or accidentally by authorized users, other users cannot access vital information in those files/folders. This, in turn, can disrupt critical business operations and can even cause business-critical processes to come to a halt. This is why it is important for administrators to continuously monitor deletion operations performed on the shared folders to prevent unauthorized deletions and ensure better data security. The AudShrdFoldTest can help administrators in this regard!

This test auto-discovers all shared folders on the Microsoft File server and, for each shared folder, reports the number of successful and failed delete events logged in the Security event log. In addition, the detailed diagnosis provided by the test sheds light on the details of the delete events and their status, the user who performed the activity, the name of the shared folder and the affected path, and the date and time of the event. This helps administrators keep track of delete events to ensure data security, and to easily detect and investigate malicious or erroneous file deletions on the target file server.

Outputs of the test: One set of results for every shared folder on the file server that is being monitored.

The measures made by this test are as follows:

| Measurement | Description | Measurement Unit | Interpretation |
|---|---|---|---|
| delSucAtmpFFEvntDet | Indicates the number of events generated for delete attempts that are successful in this shared folder. | Number | The detailed diagnosis of this measure, if enabled, gives the activity, status, username, shared folder name, relative path (file/folder affected), and event date and time (mm/dd/yyyy hh:mi:ss). |
| delFailAtmpFFEvntDet | Indicates the number of events generated for delete attempts that failed in this shared folder. | Number | The detailed diagnosis of this measure, if enabled, gives the activity, status, username, shared folder name, relative path (file/folder affected), and event date and time (mm/dd/yyyy hh:mi:ss). |
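The per-share counting and detailed diagnosis described above can be reproduced against exported Security log records. The following is an added example, not eG's implementation: it assumes delete attempts appear as Event ID 5145 (Detailed File Share) records whose AccessMask includes DELETE, and the sample events and the names `make_event` and `count_delete_attempts` are constructed for illustration.

```python
import xml.etree.ElementTree as ET
from collections import defaultdict

NS = {"e": "http://schemas.microsoft.com/win/2004/08/events/event"}
DELETE = 0x00010000                 # DELETE standard access right in AccessMask
AUDIT_FAILURE = 0x0010000000000000  # Keywords bit set on Audit Failure records

def make_event(keywords, user, share, path, mask, when):
    """Build a constructed, trimmed 5145 record in Windows event XML form."""
    fields = {"SubjectUserName": user, "ShareName": share,
              "RelativeTargetName": path, "AccessMask": mask}
    data = "".join(f'<Data Name="{k}">{v}</Data>' for k, v in fields.items())
    return (f'<Event xmlns="{NS["e"]}"><System><EventID>5145</EventID>'
            f'<Keywords>{keywords}</Keywords><TimeCreated SystemTime="{when}"/>'
            f'</System><EventData>{data}</EventData></Event>')

# Constructed sample input, not taken from a real server.
OK, FAIL = "0x8020000000000000", "0x8010000000000000"
SAMPLE = [
    make_event(OK, "alice", r"\\*\Finance", r"Q3\budget.xlsx", "0x10080", "2024-05-02T09:14:07Z"),
    make_event(FAIL, "bob", r"\\*\Finance", r"Q3\payroll.csv", "0x10000", "2024-05-02T09:15:31Z"),
    make_event(OK, "carol", r"\\*\Finance", r"Q3\notes.txt", "0x1", "2024-05-02T09:16:02Z"),
    make_event(OK, "dave", r"\\*\HR", r"old\cv.docx", "0x10080", "2024-05-02T10:01:44Z"),
]

def count_delete_attempts(events_xml):
    """Return {share: {"success": n, "failure": n, "details": [...]}}."""
    out = defaultdict(lambda: {"success": 0, "failure": 0, "details": []})
    for raw in events_xml:
        root = ET.fromstring(raw)
        if root.findtext("e:System/e:EventID", namespaces=NS) != "5145":
            continue
        data = {d.get("Name"): d.text for d in root.iterfind("e:EventData/e:Data", NS)}
        if not int(data["AccessMask"], 16) & DELETE:
            continue  # access request did not include DELETE (e.g. a plain read)
        keywords = int(root.findtext("e:System/e:Keywords", namespaces=NS), 16)
        status = "failure" if keywords & AUDIT_FAILURE else "success"
        when = root.find("e:System/e:TimeCreated", NS).get("SystemTime")
        entry = out[data["ShareName"]]
        entry[status] += 1
        entry["details"].append(
            (status, data["SubjectUserName"], data["RelativeTargetName"], when))
    return dict(out)

if __name__ == "__main__":
    for share, result in count_delete_attempts(SAMPLE).items():
        print(share, result["success"], result["failure"], result["details"])
```

A 5145 record reflects the access check for DELETE, so the success count is a count of granted delete requests rather than confirmed removals.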