How to generate Permissions Change Report?

Permissions Change Report in NTFS Change Auditor allows you to report the permissions changes made to the folders or files in your servers and workstations, since the application is configured for event data collection. To generate the Permissions Change Report, perform the following steps:

  1. Configure object auditing as stated in Configure File System Object Auditing.

  2. Configure the event ID 4670, folders and files for which you want to track the permissions changes in Data Collector Settings for security event log data collection. For more information, click How to configure a host for data collection?

  3. To launch 'Permissions Change Report' window, click menu in the toolbar. The 'Report Criteria' window will appear as shown below:

  4. Specify the Date range for which you want to generate the reports for.

  5. Select the desired Host Name and Folder/File Name to generate the reports for.

  6. Click Generate button to generate the report.

  7. Once the data collection is complete, the report will be generated in a report window as shown below: