Send Knowledge Base Article
The article has been sent to your inbox successfully.
We never share your data
Why reports reflect folders which weren't supposed to be scanned?
KB1746 | Last review: Oct 10, 2013 | Netwrix Auditor for File Servers | All versions
|Question||A few shares are enabled, but in the reports you are seeing a folder which wasn't supposed to be scanned.|
|Answer||For the most part, the product collects events from the windows Security log. If a UNC path is specified in Managed Items as "\\server\share\folder", but the actual share is "\\server\share", in your report you can get events related to "\\server\share\folder2" which was not supposed to be scanned. Take a closer look at the reported folders' audit settings - it can be inherited from some of the root folders and make it appear in reports. Also you can use the omitstorelist.txt file which is located in product installation directory to exclude any folder or file from being reported.|
Was this information helpful?