I'm currently running the trial of FileAudit+.
Everything's going okay apart from the fact that I'm seeing 10' of thousands of read deny actions logged by machine accounts on my network (rather than user accounts).
Looking at it closer it seems to be shortcuts to network files. Would anyone know why the machine accounts are reaching out to shortcuts on a file share?
This is a dealbreaker for me as it totally ruins any reports or alerts run on FAP due to the overwhelming number of these actions being logged.