Remove dependancy on the security log

Remove dependancy on the security log

Right now the file audit portion of ADAudit relies on SACLs and the security log of the file server which is horribly inefficient.  Opening a single file creates over 50 log entries (and they all show up in ADAudit).
 
Can you look into creating a small filter driver agent that can do event correlation so opening a file will only create one entry?

                New to ADSelfService Plus?