About Netwrix Auditor
Gain complete visibility and control over IT infrastructure changes and configurations
Eliminates sifting through several event logs to find the relevant information. Allows easy investigation into changes not authorized or a failed system.
I also wish it was installed without a web component that I need to worry about patching.
Filter reviews (140)
A good product for the money
Comments: We have been quite happy with Netwrix and staff are starting to rely on it for detailed auditing.
Netwrix Auditor is a good product that audits all of the items we need to audit. It will audit file servers, database server, Active Directory Servers, SharePoint servers and a whole lot more. We use it for all of these items and the price did not go up because we added more machine types.
Netwrix can be a bit finicky at times. We have has it stop auditing a server because the configuration on the server was changed. It took a bit of work with support for them to realize that it shouldn't have stopped due to the configuration change and once they figured that out, they fixed the problem. Once we got the auditing to start, it picked up all of the items it missed while it wasn't auditing, so we lost nothing.
Great Website, Slick Interface. Awful Support
Comments: IT reported the technical support was responsive, but my experience with customer support was very negative. I had several instances of emails going unanswered, sometimes but not always because my contact left the company and our account was never handed over appropriately.
The website trial shows off the features of the software while also teaching how to perform a user access audit. The user interface is very clean, user-friendly, intuitive, and snappy. The software comes with a lot of explanations for the built-in reports to help users understand what the report is used for. The software also makes it really easy to monitor the organization, with alerts for unacceptable actions or for unusual behavior above thresholds.
Our IT department spent a long time working on getting some of the features and reports working, with some success, but many reports and features were never fixed after a whole year of working with support. Apparently Netwrix support was responsive, but their fixes often failed to work.
Netwrix auditor does what is needs to but watch out for hidden cost
Comments: Started off ok, but when the extra bill came and rude sales guy started in we were more than happy to turn this off. We moved to a fully managed SOC.
I liked I could get reports on who made changes to everything on my domain. I knew when someone adjusted a group policy, created a user, or made a change in SQL.
We set this up to monitor employees only. We did not want to monitor students or service accounts because of the extra cost. The count on the user side showed 2000+ and we were not licensed. I opened a support ticket with the company and was told not to worry about it because it would just not monitor any user because of the license. I didn't like the answer, but it was still monitoring so much more. Then a year later I was hit with a huge bill because we had 2000+ people being monitored. We decided to just turn of the service.
Great Multipurpose Auditing Tool!
Comments: Overall, things have been great while using the Netwrix Auditor. Support is fantastic, the tool has a lot of useful reports for compliance, permissions, identifying broken accounts, monitoring and more. The Active Directory auditing is also useful; something I missed on putting in the Pro section because of a character limit. I hope others find this tool as helpful as I have.
Let me start off by saying that there are many things to love about the Netwrix Auditor. If you are looking for a tool that can bring value and accountability to your department, continue reading. One of the primary things I like about the Netwrix Auditor is the reporting tool; there are reports for anything you can think of. These reports are useful to present to different departments in your company for different things. Management may find utile reports that show all permissions a folder has. This can help them weed out any members that should not have access to things. The IT department may also find useful reports that identity orphaned SIDs. There are also reports that can be used for anomaly detection - meaning, when a mass action (such as a deletion and movement of files) is done, an email will be sent. Another facet of the Netwrix Auditor I like is the setup of the subscription plans. Unlike the ad-hoc nature of reports, these subscription plans can be used to run certain reports on a schedule. This allows you to always be informed when things are triggered or when looking for a scheduled report needed for management. The alerting feature works great and has never caused an issue. One last Pro I will mention is how easy it is to upgrade the Netwrix Auditor. When there is a new version being released, upgrading is very straight forward. Upgrading retains your monitoring plans, subscription reports, and also providers better features with the new version.
The only Con I can mention about the Netwrix Auditor is that the reporting feature can appear difficult to use. You will spend some time trying to get reports to work with the fields they give you. Although, it's not difficult, you just need to jump into it. Support will very gladly help you with any issues or bumps you run into; support is amazing! Given what they offer in reporting, this is my only minor complaint. If you ever find that you are looking for a report they don't have, contact support.
If you are held to a number of regulatory governances, Netwrix Auditor is for you
Comments: If ever anyone is requiring a software that will audit their systems, I immediately recommend Netwrix because of the community presence (I have dealt with them primarily on the Spiceworks forums), and their amazing canned reports.
The amount of data you can collect about security events, group changes, object moves and deletions, system and file access (and much more) is astounding, especially considering the price. If I need to track something new that I wasn't thinking of when I bought this software, I only need to dig a little and there's something there already for me to utilize. The variety of things we can monitor from a system level is fantastic too. Windows domains, file servers, Office 365, VMWare, SharePoint, SQL and more...each type of audit task yields the same types of reports as the other. Easy color coding for quick visual assessment. Setting up is a cinch. The documentation has just about everything you'll need to get running, and the knowledgebase handles all the extra gotchas that you may run into if you have a temperamental environment :) Probably one of my favorite things about Netwrix Auditor: no-nonsense licensing.
I think that the UI change from the prior major version to the new was the most jarring. I suspect it wouldn't have been as difficult to understand had I started with the newest UI.
Great tool for network visibility
Comments: I find visibility to be one of the greatest tools as a network manager. Netwrix gives me the ability to monitor file actions as well as account actions that may tip me off to a security breach on the network. Or, if an employee wants to know the exact reason a file went missing I am able to query Netwrix and provide an exact answer, even a screen capture of the event in progress if I wanted. With customizable notifications I am able to get on the spot information when specific events occur, like somebody attempting to log into a Domain Administrator's account without authorization. Though a little expensive, it is better to have the security Netwrix auditor provides than to allow a network breach go unnoticed until it is too late.
Easy to setup monitor AD, Logs, Events, etc customizable notifications visibility into files, Group Policy, Active Directory, Office 365, Azure, etc advanced features that help track down file actions, like screen captures or recordings of the actual event
The interface is sluggish can cause some network interference if not tuned properly cost
Great Tool for Sys Admins
Comments: Overall, I am extremely satisfied in this product for the features and function that save time. Having this tool has provided value several times over since installation several years ago, and the proof is in the pudding. It works and provides valuable insight into system health and the WHO, WHAT, WHEN and WHERE.
Easily identify the 4 W's: Who, what, when, where. Eliminates sifting through several event logs to find the relevant information. Allows easy investigation into changes not authorized or a failed system. Alerts easy to setup for notifications of items you need to know about.
Occasionally, services fail and don't stop, so monitoring the service doesn't tell you that there is a problem until it is too late. No preventative as I would like.
The additional set of eyes you need.
Netwrix Auditor was easy to deploy and you can very quickly gain deep insights into what is occurring in your environment. A huge positive is that a single application can provide data for so many different environments.
Not a knock against the software itself, but in some cases, requirements for certain audit features could be documented a bit better or more centrally. Perhaps this has been improved upon since my initial deployment 5+ years ago.
Comments: After getting the system up and running it has been a great tool for being proactive when monitoring our environment. The automated reports work great.
Automation!! Set it and forget it. Once you set up the items you want to monitor, you have the ability to shift your focus to other important items and then be alerted when the criteria matches your rules.
A little complicated to get things working at first.
Great product, easy to use & helps with GDPR compliance
Comments: Netwrix saves me time not having to go through continuous logs. I can just run reports on demand and review the scheduled reports. It also ensures helps to manage permissions and AD accounts. Netwrix saves me quite a bit of time on a weekly basis.
Consolidates logs, easy to access reports on AD/file server changes. You are also able to set up alerts for account lockouts, failed logins and more. Netwrix can also help detect ransomware by reporting on bulk file changes (thankfully this isn't an issue for us). The application is easy to set up and navigate.
Whilst the modular approach is great for price/budgeting, it's a shame you can't trial the different modules for 30/60/90 days before making a decision on which modules to implement.
Netwrix Auditor (AD, File, Windows Server, Logon Activity Auditing)
Comments: My Company has been using Netwrix since 2013, and it has been great for us. We love the reports that it generates around our Active Directory, Exchange, Windows Servers etc., including the alerts that we subscribe to for delivery. We've also used the Audit reports for our Auditing request, which we can produce in minutes with Netwrix, which used to take us days to put together. We've also used as a training tool to teach helpdesk level personnel, as it helped us capture errors that were done in Active Directory (and reverted back with the nifty Rollback feature), and that allowed us to customize training for an new employees while working in Active Directory. Wading through event viewer events is no fun and very tedious, enter Netwrix that makes much more efficient, as you can build reports on a specific object and/or date range. I can’t tell you how many times we've used it to trace a lockout of a user and where exactly the user was being locked out from - incredibly helpful, as this occurs with regularity. Netwrix has been absolutely brilliant for us, it's auditing, alerting and reporting capabilities has been and continues to be of great use for my Company. I must also give kudos to the Netwrix helpdesk, as there are very knowledgeable and have assisted successfully on numerous occasions. Highly recommend Netwrix for any company that’s looking to audit their internal systems, with great reporting and alerting for all your critical and non-critical systems.
Ease of installation and usage, Reporting, alerts, etc.
I noticed that the new version of Netwrix tends to eat up a lot more hardrive disk space, but this is due to fine tuning Audit. Without proper tuning, it will easily eat up 100GB - which is what I experienced.
Great software that reads your event logs and makes it easy to read, break down and report on.
Comments: Know exactly what is happening in your network so you can detect problems and intrusion attempts before they get bad.
This software takes your computer and server event logs and breaks them down into reports that you can easy view and understand exactly what is going on with your environment. You can also record what anyone does on your servers as a video. All reports can have real time notifications of events you select like multiple failed logins etc. It is also an amazing price for all that you get.
The only thing i have had is that the new version doesn't support Windows Server 2003-2008 so what i did was spun up 2 VM's for this software and ran an older version on one VM and the newest version on an other so I can have the old version monitor the 2003-2008 servers and the newest version monitor 2008 R2 to 2016.
Netwrix has helped revolutionize our processes and simplify environmental monitoring and management.
Comments: We are able to easily spend our time on innovation as opposed to "fire-fighting."
Netwrix makes the process of auditing changes within our Active Directory environment very simple. We no longer have to spend additional time chasing down problems and what caused them. We can quickly evaluate what has recently changed, who changed it and then evaluate the best resolution without wasting time. This allows us to focus on the most important aspects of our jobs!
Netwrix does not have a lot of features that I do not find amazing. The only item that I can find that comes close to being a "con" involves the way that data is processed. I would love to find a method of auditing active directory and servers that do not involve granting Domain Admin rights to an account used for the product. It is understandable, though.
A lot of features at a good price.
Comments: It has been used to show my company does take securing sensitive information seriously.
Netwrix Auditor audits a lot of different products such as SQL Server, Windows Servers, Active Directory and NetApp file servers. It is very consistent in its runs and produces reports and alerts that our US government clients fully accept. It has helped my company receive numerous accreditation for performing auditing properly.
It can be difficult to configure and sometimes fails during a heavy load. Although it may fail every now and then, it will go back and gather the information it missed in the last run and get backup to date on the audits.
Great Overview of your Systems
Comments: I have been able to provide real-time reporting for AD changes and several other administrative functions that we did not have the ability to before which has allowed the institution to focus on our core products and information flow.
We are a smaller financial institution with limited staff and the automated reporting has been a great time saver for me to review various selected events. There are more than enough predefined reports to meet many of our oversight needs
I do have some issues with trying to understand the licensing and when we had to had other modules. Perhaps someone coming from an IT administration or CIO background would understand it better.
A auditing solution with huge value to the organization!
Comments: It makes AD auditing easier for our Information Security Officer, while providing real-time reports for our IT department. The program saves a lot of time that had been spent doing things manually.
The daily reporting is great at providing a snapshot of changes the environment for Information Security Officer. In our IT department we rely on the real-time alerts daily for user lockouts and other AD related changes to inform us of changes made so we can act accordingly.
It takes some time to get a handle on the on-demand reporting, but Netwrix provides a huge list of canned reports so you rarely have to create a customized report from scratch.
Invaluable solution for our Microsoft Active Directory auditing requirements.
Comments: Ease of addressing our Microsoft audit/compliance activities.
Netwrix provides a thorough, easy to use interface to address supporting documentation for almost all of our Microsoft audit requirements. We have been able to easily produce the documentation and evidence for all requests from our audit team with ease. Something that used to take a considerable amount of time to compile.
Would prefer that the client be web based, as opposed to the Windows client that is used today. Additional detail in error reports to help identify exactly what is not working would be extremely helpful as well. We occasionally have to do quite a bit of exploration to determine exactly what component is generating the error.
Use this software to monitor, alert, and create reports for Government IT Audits
Comments: Easier domain management, real time security alerts, it is a wonderful piece of software.
The fact that Netwrix always includes new and better features all of the time. Great price for the software and once it is in place and working it is very stable and solid. The new 9.0 version really allows for so much more than the old versions.
Some of the plugins are hard to use. I have a hard time figuring out what is causing errors sometimes when it runs its nightly scans of my systems. But customer support is always very good in helping solve the issues.
It has been refreshing to know that strange activity is going to notify me.
The alerting is incredibly valuable. Changes taking place to multiple files will generate an alert long before a human eye could notice what was happening. This is true of administrative logins and failed logins as well. The ability to audit changes in permissions so that they can be "seen" has been very helpful as well.
It can be a bit too quick to alert but this is configurable. The initial configuration will set the tone for the application and goes a long way toward the initial implementation and usage so plan your install and determine what you want it to do for you before you actually install it.
Netwrix Auditor is a fairly easy software package to use. It also converse a lot of system types.
Comments: The software covered most of the system that we were required to audit.
Netwrix Auditor can be setup to audit most all of the systems that a company is running. It also allows, for one price to audit most of the systems that need to be audited. In addition you can audit systems that are not part of Netwrix by using the Integration API.
The primary con with Netwrix is that the documentation is not complete. It does show how to configure a basic system but then stops there. It should also show how to configure more complex configurations. This then requires you to submit a ticket which might take a bit to get a proper answer.
Netwrix Auditor for Dummies
Comments: We got this product to assist with our NIST 800-171 compliance with our aerospace customers. The logs and information it provides are invaluable.
It's very easy to configure most of what you'll want to log directly out of the box. The parts that are a little more confusing are easily done with talking to support. This is overall a great product and one that I've needed for years.
When you don't work with the setups on a regular basis it's sometimes time consuming to go back and make changes or add/delete things. Since it basically runs itself I haven't touched the setup in months.
Now a days changes in AD is very important
Comments: Like I said real time change alert is the best part of using this product
Real time notification of any changes in AD and successful and unsuccessful logins to machines, which tells administrators of unauthorized login tries and legitimate user problems even before users approach administrator
There has to be exception reporting options which lets administrator know as some thing is not right for example I particular user is not supposed to be logging into a particular server and if such action happens then administrator should be alarmed - such relationship database should be there
An Auditor's best friend.
Comments: It performs a multitude of different Auditing tasks for us, making PCI and SOX compliance much simpler.
It just works. Set it up once, and the daily/weekly jobs run without any further effort. We have our reports sent to our ticketing system, making the daily review a breeze.
Reporting filters can be a little confusing to use at times, and customization options are limited, requiring editing config files rather than within the GUI.
Very nice and works the second you load it.
Comments: Insight into logs without manual log review and without having to create a lot of custom alerts and views.
The software works well and it doesn't take alot of configuration to be usable. It proactively sends emails with daily recaps. Very simple to setup
It is very expensive and to get everything, plan to buy multiple modules. The value for the money is there, but it is alot of money to start. Great value / High Price.
An excellent product that continues to improve.
Comments: If we start to experience a problem that goes back to AD or Group Policy, we can easily determine what changed and remediate it.
The version 9 client is awesome. It provides a much easier way to drill into reports and events than ever before.
The activity summary reports that it completed with errors, yet neither we nor tech support has ever been able to identify the problem. Since there are no events missing, we have just let it go.