Click here to expand
ADAudit Plus provides comprehensive event tracking capabilities for Azure file shares. It captures various event categories related to file share activities, ensuring complete visibility into user actions and system events. Here is the list of event categories that ADAudit Plus effectively monitors:
Note: The Files Moved, Files Renamed, and Folder Permission Changes reports will only be generated for SMB file share events, not for REST API events.
ADAudit Plus offers robust reporting capabilities for Azure file share auditing. Take a look at the differences between ADAudit Plus and the Azure portal:
| ADAudit Plus | The Azure portal |
|---|---|
| User auditing | |
| Resolves user security identifiers (SIDs) to human-readable names in all reports | Contains only the SIDs of users in the log data |
| Retention | |
| Retains historical audit data indefinitely | Stores only a certain volume of data based on your Azure license and configuration |
| Reports | |
| Provides dedicated reports for file creation, modification, deletion, and access | Does not have any reporting capabilities |
| User behavior analytics (UBA) | |
| Leverages UBA to detect anomalous events indicating suspicious activities in Azure file shares | Does not have UBA capabilities |
| Real-time alerts | |
| Sends real-time alerts when suspicious activities happen within Azure file shares | Does not have alerting capabilities |
| Automated threat response | |
| Automatically executes custom scripts when suspicious activities, such as privilege escalation or lateral movement, are discovered | Does not have automated threat response capabilities |
| Compliance | |
| Provides prepackaged compliance reports for SOX, HIPAA, FISMA, the GLBA, the GDPR, and ISO | Does not provide compliance reports |
Copyright © 2025, ZOHO Corp. All Rights Reserved.