Egnyte’s Permissions Audit Report shows how permissions on your Egnyte domain have changed over time. This provides complete auditing of folders shared internally and externally. Any changes made to folder permissions will be captured in a Permissions Audit Report. By the end of this article, you'll be able to run a File Audit Report, understand what each parameter does, and know what's included in the report.

Audit Reports are available for Office plans or higher that purchase the Advanced Security Package.

If you'd like to learn more, our Reports and Auditing Overview article covers all of the reports available to you.

Skip Ahead to...

Run a Report

Parameters

Permissions Audit Report Output

Examples

Run a Report

From the Reports Center, expand the Audit section and select Permission Reports.

Screen_Shot_2018-12-17_at_10.16.08_AM.png

Click on the + New Report button to begin. You'll need to name the report and choose the parameters for the report.

Screen_Shot_2018-12-17_at_10.17.32_AM.png

Parameters

You may select one or more parameters to narrow down the activity you would like to view.

  • Date range: Narrow down auditing by activity day or date range.

    Egnyte purges all audit logs older than 3 months.

  • Assigner: Narrow auditing report to access given by specific users (assigner). You can search for Any user, specific users (Selected users), or all users from a selected group or groups (Users in selected groups).
  • Assignee: See how a user or users (assignee) permissions have changed. You can search for Any user, specific users (Selected users), or all users from a selected group or groups (Users in selected groups).
  • Folders: Choose to view activity on specific folders, and folder, or folder names matching a specific term.

 

Permissions Audit Report Output

When you submit any audit report, you will receive an email and alert within a few minutes letting you know that the report is ready for viewing. If it is a smaller audit report, you'll have access to it right away.

Since audit logs for file activity are captured periodically through the day, you may not see activity for the last few hours in your report.

Screen_Shot_2019-04-12_at_8.15.50_AM.png

The permissions audit report displays the following information:

  • Date: Provides the time stamp of the activity.
  • Path: The path to the folder for which the permissions were changed.
  • Changed by: The first name, last name, and email address for the user that changed the permissions (assigner).
  • Change type
    • For user: Displays if the change was made for a specific user
    • For group: Change was applied to a group
    • Via group for user: A user's permissions were changed due to the group permissions changing.
    • Permission inheritance: Permission inheritance was either turned off or on for the related folder. You can see more details about the change in the Before/After and Action Info columns.
  • Changed for: Shows the name and email address (if user) of the user that had the permissions changed for. The Changed for column will have a dash if the Change type was Permission inheritance.
  • Before: Shows what the user or groups permission was before the change. If there's a dash in this column, it means there were no permissions related to the user or group before the change was made.
  • After: Shows what the user or groups permission is after the change. If there's a dash in this column, it means there are no permissions related to the user or group after the change was made.
  • Action Info
    • Listing group members: Current group members are captured (system action)
    • Remove inherited permissions: Indicates that permission inheritance was removed (turned off) and inherited permissions were deleted.
    • Keep existing permissions: Describes that permission inheritance was removed (turned off) and all the permissions were copied for the folder.
    • Via permission inheritance enabled: Designates that permissions were applied to the users and groups because permission inheritance was enabled for the associated folders. Using the Event Set column, you can learn more about which users and groups were affected.
  • Group Info: If a permissions change was made to a group of users, this column would provide the group name.
  • Event Set: Related events will share the same Event Set ID, so it's easier to sort and find associated actions.

Examples

  • Select "Keep existing permissions" when turning Permission Inheritance off: You will see one record in the report with Permission inheritance in the Change Type column and Keep existing permissions in the Action Info section.

    Screen_Shot_2019-04-12_at_8.16.07_AM.png

  • Select "Remove inherited permissions" when turning Permission Inheritance off: Multiple records will be created when this option is selected.
    • Action Info will show Removed inherited permissions for the initial change.
    • Records will describe how the change affected inherited permission for users and groups with Via permission inheritance disabled in the Action Info column. If a group was affected, you'd also see a record of Listing groups members in the Action Info column.
    • All of these records will have the same Event Set ID.

Screen_Shot_2019-04-12_at_8.17.51_AM.png

  • Turning inheritance off with "Remove inherited permissions," then turning inheritance back on: Multiple records will be created.
    • Change type will show Permissions inheritance for the turn off and on actions, and additional records will be created for the rest of the user and group changes.
    • The After column will show Disabled when it's turned off and Enabled when turned back on.
    • Two Event Set ID's will be created; one when turning off inheritance and one when turning it back on.

Screen_Shot_2019-04-12_at_8.18.53_AM.png