FIM - File Integrity Monitoring is only showing NT/Authority

I have the latest version of SEM. And I am running a Windows Server 2019 with file shares

When my users open a file from their own desktop, It flagging as NT/Authority.

How do I fix this?



  • Hello Garen,  If you want to get more information on who is access the file you must make sure that the logging options are enabled either group policy edit on your AD or change the local policy on the server to enable the access details.  

    Typically these are found in windows security event logs for the details you want.

    Look for file auditing on server for a more step by step instructions,