File Server - How to add

Add File Server Resource

Requisites for file monitoring

  • The Windows machine, whose files/folders are to be monitored, must be added as a host (Windows) in EventLog Analyzer server

  • An agent should be installed in that particular machine

     

    Add Windows Hosts

    Note:
    An agent installed in a particular machine can monitor only the files and folders of that machine

Configuring File Integrity Monitoring

To configure File Integrity Monitoring, go to

  • Home tab > File Monitoring > Monitoring List > Actions: Add or
  • Settings tab > Configurations: File Monitoring > Add

     

  1. If you want to monitor the files/folders in a location that is same across various hosts, then you can save the location as a template and assign it to a number of hosts

  2. In the 'Assign host' field, you can either select the host from the auto-complete list or type the host name whose files/folders are to be monitored. You can select/enter multiple hosts only if the files/folders are in the same location across all the hosts

  3. In 'Location(s) File(s)' field, type the location (absolute path) of the files/folders which are need to be monitored. Alternatively you can also import a text file that contains the location

To import the text file click on 'Import' link

    1. Browse and select the text file, that contains the location of the files/ folders that are to be monitored

    2. Click on Import button to import the text file
  1. 'Exclude' field provides you an option to exclude certain sub-folders (contained in the folder specified above), from monitoring. Specify the location of the sub-folder in this field to exclude it from monitoring

  2. Save the configuration by clicking on 'Save Monitoring' button

  3. If you want to monitor the check sum changes in the files, then select the Checksum checkbox. The check sum changes will only be monitored for those files that are added, after enabling this feature
Add Windows Hosts Caution: Monitoring checksum is a CPU, memory intensive activity
Add Windows Hosts Note:
  • If an agent is already installed in the host for which you want to monitor the files, file monitoring will be enabled in the agent. For versions prior to 8050, if you were already using an agent for log collection, it will be uninstalled and 8050 version agent will be installed
  • If agent is not installed in the host for which you want to monitor the files, agent will be installed and file monitoring will be enabled in the agent