Getting Started
- System Requirements
- Installation
- Registration
- Version Support Policy
- Assign Service Logon As Credentials
Agent-Based Management
Data Providers
- Data Provider Properties
- SQLite Properties
- MySQL Properties
- Microsoft SQL Server Properties
- File System Properties
Directory Services
Event Log Archiving for JSIG and CMMC Compliance
Auditing
- Audit Work Items
- Self-Auditing
- Group Policy Auditing
Hosts
- Adding Hosts
- Host Properties
- Batch Update Hosts
- Agent Properties
- Logon As Properties
- SFTP Properties
- FTP/S Properties
- SNMP Device Connection Properties
- WMI
- Contact
- Exclusions
- Inventory
- Docker
- Host Assignments
Templates
- Template Properties
- Batch Update Templates
- Assign Templates
- Log Management Templates
- SCAP Compliance Monitor
- File and Directory Monitor Templates
- Windows Monitor Templates
- Windows Management Instrumentation (WMI) Templates
- SSL Certificate Monitor Templates
- Email Monitor Templates
- SNMP Monitor Templates
- Windows Accounts Templates
Monitors
- Monitor Hierarchy
- Temporarily Suppress Monitors Actions
Reports
- Report Properties
- Artificial Intelligence Reports
  - AI Anomaly Detection Report
    - AI Anomaly Detection Report (Template Triggers)
- Security Reports
- Generic Log Reports
- SIEM Report
- SIEM Chart Report
- Azure Active Directory Audit Log Report
- Event Log Report
- SNMP Trap Report
- Syslog Report
- Databse Log Report
- Event Log Summary Report
File and Permission Reports
- File and Directory Access Permissions Report
- Duplicate Files Report
- File Activity Report
- Largest Files Report
- Sorted Files Report
Summary Reports
- Host Inventory Report
- Summary Report
- Collection Report
- Hash Check Reports
Auto-Configurators
Filters
- Simple Filters
- Complex Filters
Actions
- Database Actions
- Desktop Actions
- Email Actions
- Event Log Actions
- Executable Actions
- File Actions
- IIS IP Address Restriction Actions
- Microsoft Teams Actions
- PowerShell Actions
- Report Actions
- Service Actions
- SMS Actions
- SNMP Trap Actions
- Syslog Actions
- Template Actions
- IIS IP Address Restriction Actions
- Action Variables
Schedules
- Fixed Schedules
- Range Schedules
- Real-Time Schedules
Environment Variables
Options
- Email Settings
- Security Settings
- Syslog Server Settings
- SNMP Trap Server Settings
- Log Viewer Settings
- Web Proxy Settings
- Miscellaneous Settings
Account Lockout Monitoring and Reporting
Merging Logs
SNMP
- SNMP Browser
SSH Shell
Syslog
Exporting and Importing Configuration Objects
Shared Views
- Active Directory User and Group Filters
- Assign Actions
- Assign Azure Audit Logs
- Assign Consolidated Logs
- Assign Directories
- Assign Disks
- Assign Event Logs
- Assign Files
- Assign Services
- Assign Shares
- Auto-Config Host Assignment Properties
- Define CSV and W3C Log Entry Columns
- Define Log Entry Columns
- Define Log Entry Columns with Regular Expressions
- Executable Status
- Executable Timeline
- Explicitly Assigned Logs
- File Explorer
- General Executable Properties
- Report Columns
- Report Date/Time Ranges
- Report Security Event Log Filters
- Select Folder or File
- Target Files and Sub-Directories
Command Line Interface
Server Configuration
Agent Configuration
Troubleshooting
- Arithmetic Overflow
- Access Denied
- MySQL: Fatal error encountered during command execution
- Invalid Class
- No Such Interface Supported
- Quota Violation
- The File Exists Errors
- The Interface is Unknown
- The RPC Server is Unavailable
- NetBIOS Errors
Terminology

File and Directory Access Permissions Reports

The File and Directory Access Permissions Reports enable you to either manually on-demand scan any disk or directory for assigned permissions and optionally schedule the results to be emailed to you or output to a file, for example, a CSV file.

Requirements

Operating System	Technology
Windows	Remote WMI and Windows Shares
Linux	SFTP/SSH or FTP/S

How to create a File and Directory Access Permissions Report:

From the Menu Bar select File | New. The Create New Object View displays.
From the Create New Object View, expand Report | File and Permissions Reports then select File and Directory Access Permissions. The Properties View displays.

Note

Unlicensed report types appear in gray text. If you would like to create a report that is not currently licensed, please contact Corner Bowl Software to upgrade your license.

The Properties View contains 7 configuration tabs.
- General
- Directories
- Files and Sub-Directories
- Options
- Columns
- User Filters
- Actions

How to configure the File and Directory Access Permissions

Use the Files and Sub-Directories section to:

Option	Description
Include files	Scan and list each file in the report.
Detail sub-directories and files	Scan and list each sub-directory in the report.
Hide BUILTIN users and groups	Hide the BUILTIN account from the report.

Use the Access Permissions section to configure the permissions to report. The following permissions are supported:

Option	Hex Value	Description
None	0x00000000	No permissions assigned.
Read	0x00000001	Permission to read the data of a file.
Write	0x00000002	Permission to modify a file's data anywhere in the file's offset range. This includes the ability to write to any arbitrary offset and as a result to grow the file.
Append	0x00000004	The ability to modify a file's data, but only starting at EOF.
ReadEA	0x00000008	Permission to read the named attributes of a file or to lookup the named attributes directory.
WriteEA	0x00000010	Permission to write the named attributes of a file or to create a named attribute directory.
Execute	0x00000020	Permission to execute a file or traverse/search a directory.
DeleteChild	0x00000040	Permission to delete a file or directory within a directory.
ReadAttributes	0x00000080	The ability to read basic attributes (non-ACLs) of a file.
WriteAttributes	0x00000100	Permission to change the times associated with a file or directory to an arbitrary value.
Delete	0x00010000	The right to delete the object.
ReadControl	0x00020000	The right to read the information in the object's security descriptor, not including the information in the system access control list (SACL).
WriteDAC	0x00040000	The right to modify the discretionary access control list (DACL) in the object's security descriptor.
WriteOwner	0x00080000	The right to change the owner in the object's security descriptor.
Synchronize	0x00100000	The right to use the object for synchronization. This enables a thread to wait until the object is in the signaled state. Some object types do not support this access right.
SystemSecurity	0x01000000	Specifies access to the system security portion of the security descriptor.
MaximumAllowed	0x02000000	Indicates that the caller is requesting the most access possible to the object.
GenericAll	0x10000000	All possible access rights
GenericExecute	0x20000000	Execute access
GenericWrite	0x40000000	Write access
GenericRead	0x80000000	Read access

File and Directory Permissions Report Properties View

Table of Contents

File and Directory Access Permissions Reports

Requirements

How to create a File and Directory Access Permissions Report:

How to configure the File and Directory Access Permissions