System Integrity Monitoring task (System_Integrity_Monitoring, ID:11)
Oct 22, 2023
The System Integrity Monitoring task is designed to track actions performed on files and directories in the monitoring scope specified in the task settings. You can use the task to find file changes that may indicate a security breach on a protected server.
To use the task, a license that includes the corresponding function is required.
System Integrity Monitoring can be performed in real-time when you run the On-access File Integrity Monitoring (OAFIM) task. You can also create and run On-demand File Integrity Monitoring (ODFIM) tasks.
Both OAFIM and ODFIM tasks send notifications about changes to an object access control list. For the OAFIM task, details about what exactly was changed are not reported. For the ODFIM task, information about attribute changes and file/directory moves are reported.