Netwrix Auditor 10.8 brings powerful new capabilities, including activity auditing for Azure Files and free add-ons for Microsoft Copilot and Azure SQL that deliver deeper visibility into user actions and data access. Plus, updated NIS2 compliance reports make it easier than ever to stay audit-ready and demonstrate regulatory alignment.
What’s Changed in Netwrix Auditor 10.8
New Data Source: Azure Files activity auditing
Netwrix Auditor now supports Azure file shares, enabling organizations to maintain full visibility into file, folder, and permission changes. Capturing the critical who, what, when, and where details helps users quickly identify actions that may put data at risk. Organizations can also bolster their security and compliance efforts by monitoring both successful and failed read attempts, ensuring suspicious activity is detected and addressed before it escalates.
For more information about the configuration of azure files, please visit the following article: Azure Files Configuration
Microsoft Copilot add-on
The free Microsoft Copilot add-on collects Copilot events and provides detailed insights into the users and the resources they used to generate responses, including file names and exact paths.
Free add-on for Azure SQL
Netwrix Auditor now offers a free add-on for Azure SQL, delivering visibility into changes and logons. This add-on tracks the who, what, when, and where details for each event.
“Does not contain” filter is available for Details
Users can now use the “Does not contain” operator in searches involving the Details field, allowing for more precise filtering and streamlined search results.
Cancellable searches
When a search returns too many results due to large datasets or insufficient filters, it can take significant time to complete. Users can now cancel such searches, modify the search conditions, and try again—reducing wait times and improving efficiency.
Mailbox Owner Activity Monitoring for Exchange Online
Netwrix Auditor can now monitor mailbox owner actions in Exchange Online, such as mass email deletions, changes to folder permissions, or inbox rule modifications, helping organizations detect and investigate potential account takeover attempts.
For more information about Mailbox Owner Activity Monitoring, please visit the following article: Exchange online Owner Mailbox Access Activity
New attributes in the “User Account – Attributes” Report
Six additional attributes have been added to the “User Account – Attributes”’ report:
- EmployeeID
- Whether a smart card is required for logon
- SID (Security Identifier) history
- The workstation where the logon occurred
- Mobile Phone
- User SID
All attributes except “Mobile phone” are also available as search filters.
MAJOR ENHANCEMENTS
- Nutanix Files 5.0 is now supported.
- Dell Isilon OneFS 9.8 and 9.9, Unity up to 5.4, and Isilon/PowerScale 9.10 are now supported.
- Qumulo Core 7.4.1 is now supported.
Bug Fixes and Miscellaneous Updates
| Description | Case # | Escalation # |
|---|---|---|
| Fault tolerance improvement in integration with Netwrix Data Classification | 419364 | 357595 |
| Add detection and removal of corruption in the HealthData buffer of the Windows Server Auditing working folder | 413201 | 347000 |
| Improved error reporting in the CallHome feature | 443802 | 385073 |
| Remnants of failed uninstallation information in Agents.xml prevent targets from being re-added to the auditing scope of User Activity Auditing | 388568 | 344839 |
| Access error occurs when using NPS integration in environments with multiple domain controllers | 420343 | 358009, 358018, 358071 |
| Duplicate items appear in the Monitored Computers tab of the User Activity Auditing data source | 388568 | 127320 |
| Windows process security context is used for browsing SSRS reports instead of the explicitly provided credentials in Netwrix Console | 401299 | 339251 |
| ConfigServer nodes are being accessed by the Data Collecting Account of Inactive User Tracker | 400654 | 340091 |
| AD Restore Wizard improvement: Prevent deletion of indirectly checked objects when restoring a constructed attribute | 437805 | 379951 |
| Synology, Nutanix, Qumulo, Unity: No change detected when permissions are modified on top-level share objects | N/A | 306133 |
Plan your upgrade
Netwrix Auditor 10.6 will reach its end of support life on January 1, 2026. To learn more, please read the Netwrix End-of-Support Policy.
Need help with this update?
There are many different ways to get help with our products!
| Situation | Action |
|---|---|
| If you feel the product is broken and not working as intended… | Contact Support |
| If you have a question you’d like to ask other experts… | Create a discussion in the community: Auditor > Discussions & Questions |
| If you have a feature request… | Let our product team know directly: Auditor > Ideas |
| If you have something cool to show… | Show everyone what you built: Auditor > Show & Tell |
What are your thoughts?
We are always happy to hear from our users on what you like, and what you hope to see in the future. Please, share your thoughts below!
