Azure natively provides an audit feature to track any updates, reads, and deletions using Azure monitor. Azure Storage logs in Azure Monitor is in public preview, and you can find more details at
https://learn.microsoft.com/en-us/azure/storage/files/storage-files-monitoring?tabs=azure-portal#creating-a-diagnostic-setting
How to do file access auditing in Azure Files for moves, deletes, etc. natively or using third-party tools?
currently we use Varonis DatAdvantage to monitor our on-prem file shares for auditing user access to files to track when files/folders are moved, deleted, modified, created etc. We do have a ticket in with Varonis to ask the same question but wanted to pose this to the community too because it seems like a very important aspect of putting file shares in storage accounts via Azure Files.
-
Ravi Kanth Koppala 3,231 Reputation points Microsoft Employee
2021-12-28T20:27:00.38+00:00
1 additional answer
Sort by: Most helpful
-
Ruokangas, Wendy-SQL 21 Reputation points
2021-12-28T20:43:39.417+00:00 Thank you @RaviKanth-5629 for the information. I did see these options in the Diagnostic settings and will have to test it to see if it provides adequate audit information. Also I am very curious if anyone has been able to implement third party file auditing programs such as Varonis' DatAdvantage. Still waiting to hear from Varonis themselves but with the holidays response has been slow.