Netwrix Auditor Version 10.8 Released

Products Auditor News
, ,
1

Auditor 10_8
Auditor 10_81333×800 164 KB

Netwrix Auditor 10.8 brings powerful new capabilities, including activity auditing for Azure Files and free add-ons for Microsoft Copilot and Azure SQL that deliver deeper visibility into user actions and data access.

Download Netwrix Auditor 10.8 here!

What’s Changed in Netwrix Auditor 10.8

New Data Source: Azure Files activity auditing

Netwrix Auditor now supports Azure file shares, enabling organizations to maintain full visibility into file, folder, and permission changes. Capturing the critical who, what, when, and where details helps users quickly identify actions that may put data at risk. Organizations can also bolster their security and compliance efforts by monitoring both successful and failed read attempts, ensuring suspicious activity is detected and addressed before it escalates.
For more information about the configuration of azure files, please visit the following article: Azure Files Configuration

Microsoft Copilot add-on

The free Microsoft Copilot add-on collects Copilot events and provides detailed insights into the users and the resources they used to generate responses, including file names and exact paths.

Free add-on for Azure SQL

Netwrix Auditor now offers a free add-on for Azure SQL, delivering visibility into changes and logons. This add-on tracks the who, what, when, and where details for each event.

“Does not contain” filter is available for Details

Users can now use the “Does not contain” operator in searches involving the Details field, allowing for more precise filtering and streamlined search results.

Cancellable searches

When a search returns too many results due to large datasets or insufficient filters, it can take significant time to complete. Users can now cancel such searches, modify the search conditions, and try again—reducing wait times and improving efficiency.

Mailbox Owner Activity Monitoring for Exchange Online

Netwrix Auditor can now monitor mailbox owner actions in Exchange Online, such as mass email deletions, changes to folder permissions, or inbox rule modifications, helping organizations detect and investigate potential account takeover attempts.
For more information about Mailbox Owner Activity Monitoring, please visit the following article: Exchange online Owner Mailbox Access Activity

New attributes in the “User Account – Attributes” Report

Six additional attributes have been added to the “User Account – Attributes”’ report:

  • EmployeeID
  • Whether a smart card is required for logon
  • SID (Security Identifier) history
  • The workstation where the logon occurred
  • Mobile Phone
  • User SID

All attributes except “Mobile phone” are also available as search filters.

MAJOR ENHANCEMENTS

  • Nutanix Files 5.0 is now supported.
  • Dell Isilon OneFS 9.8 and 9.9, Unity up to 5.4, and Isilon/PowerScale 9.10 are now supported.
  • Qumulo Core 7.4.1 is now supported.

Bug Fixes and Miscellaneous Updates

Description Case # Escalation #
Fault tolerance improvement in integration with Netwrix Data Classification 419364 357595
Add detection and removal of corruption in the HealthData buffer of the Windows Server Auditing working folder 413201 347000
Improved error reporting in the CallHome feature 443802 385073
Remnants of failed uninstallation information in Agents.xml prevent targets from being re-added to the auditing scope of User Activity Auditing 388568 344839
Access error occurs when using NPS integration in environments with multiple domain controllers 420343 358009, 358018, 358071
Duplicate items appear in the Monitored Computers tab of the User Activity Auditing data source 388568 127320
Windows process security context is used for browsing SSRS reports instead of the explicitly provided credentials in Netwrix Console 401299 339251
ConfigServer nodes are being accessed by the Data Collecting Account of Inactive User Tracker 400654 340091
AD Restore Wizard improvement: Prevent deletion of indirectly checked objects when restoring a constructed attribute 437805 379951
Synology, Nutanix, Qumulo, Unity: No change detected when permissions are modified on top-level share objects N/A 306133

Plan your upgrade

Netwrix Auditor 10.6 will reach its end of support life on January 1, 2026. To learn more, please read the Netwrix End-of-Support Policy.

Need help with this update?

There are many different ways to get help with our products!

Situation Action
If you feel the product is broken and not working as intended… Contact Support
If you have a question you’d like to ask other experts… Create a discussion in the community: Auditor > Discussions & Questions
If you have a feature request… Let our product team know directly: Auditor > Ideas
If you have something cool to show… Show everyone what you built: Auditor > Show & Tell

What are your thoughts?

We are always happy to hear from our users on what you like, and what you hope to see in the future. Please, share your thoughts below!

11 Likes
Virtual Appliances for Version 10.8 Released
Azure Files Configuration
"Does not contain" filter in Search
2

Thanks Daniel – but how do I upgrade?

1 Like
3

Hi @phillip.crisp

The process for upgrading is outlined here: Upgrade to the Latest Version
It covers a number of preliminary best-practice steps to back up Auditor’s data and its audit databases out of an abundance of caution. The actual upgrade process involves running the installer and following the Wizard.

If you would like assistance or have any problems, please feel free to open a ticket with Support. They would be happy to help you.

4

That link is for upgrading to 10.7. Does that mean the permissions are the same and there’s no additional configuration required to upgrade from 10.7 to 10.8?

5

Hi @brian.johnson, yes, you are right, there’s no additional configuration required to upgrade from 10.7 to 10.8.

6

Perfect, thank you.

Is there any additional information regarding the copilot integration? I found a link to the deployment procedure but the instructions and screenshots appear generic.

Does Netwrix have a demo of this functionality?

7

Hi Brian, I don’t think we have any more info, but that’s a great point, I’ll try my best to put together an article during the next couple of weeks.

But long story short: you can track user interactions with Copilot, and when a document was accessed to provide an answer to them - you’ll be able to see it, and use Search to find the activity by specific user or on a specific document, and set up alerts with these filters.

The image shows a detailed search interface displaying logged actions of a user named Donna Stone related to the Copilot object type, complete with timestamps and accessed resources. (Captioned by AI)
The image shows a detailed search interface displaying logged actions of a user named Donna Stone related to the Copilot object type, complete with timestamps and accessed resources. (Captioned by AI)1447×662 99.9 KB

4 Likes
8

We are currently on 10.6. Do we need to go to 10.7 and then to 10.8, or can we go directly from 10.6 to 10.8?

9

Tom,

Welcome to the Netwrix Community!

You can skip 10.7 and just go right to 10.8.

If you run into any issues, feel free to reach back out. I’ll be happy to help.

Michael Purdin
Netwrix Technical Support Manager

2 Likes
11

Can we go from 10.5 to latest directly? When we check for updates, it’s giving us 10.7.13822.

12

Amanda,

With Netwrix Auditor, you’re allowed to skip one version during upgrades. For example, if you’re currently on version 10.5, you can upgrade to either 10.6 or 10.7, and then proceed to 10.8.

We recommend waiting at least 24 hours between upgrade steps. This allows time for all endpoint services and databases to update properly.

If you’d like assistance with the upgrade process, I’d be happy to open a support ticket for you. Feel free to reach out here with any questions you may have.

Michael Purdin
Netwrix Technical Support Manager

13

On prem version still have 10.7 when downloaded. The link was labelled 10.8 so expected 10.8

14

Hello Gbenga,

The link here on the Community should take you to our Customer Portal at www.netwrix.com/support. From there, you should be able to download version 10.8.

CleanShot 2025-07-22 at 12.34.38
CleanShot 2025-07-22 at 12.34.38451×406 11.7 KB

If this doesn’t work for you, please let me know and I’ll be happy to help.

15

Is there a new version of the Full Documentation for 10.8.x hiding somewhere?

image
image604×360 12.7 KB

16

@mscirri hi Marc, we are currently in a process of rebuilding the documentation portal, the new one will be live very soon. But in this interim period we haven’t updated the current documentation portal. The 10.7 documentation is still relevant, except for the new features. And the biggest changes were covered here:

3 Likes
17

Hello,

The installation package has doubled in size. Any particular reason for that?

Thanks!

18

Hello Thibaud,

Welcome to the Netwrix Community!

You’re absolutely right—the installation file for Netwrix Auditor 10.8 is noticeably larger than that of 10.7.

This increase is due to several significant feature enhancements introduced in version 10.8. We added a new Data Source for Azure Files, as well as Mailbox Owner Auditing for Exchange Online, both of which bring expanded auditing capabilities and require additional resources.

We also made improvements to the Subscription settings, License page, and Search tool, which contribute to the overall file size as well.

Finally, we also removed the dependency on Internet Explorer for viewing or exporting SSRS reports, which required additional resources and contributed to the increased size of the installation file.

Despite the larger package, the actual installation time is comparable to what you’ve experienced with 10.6 and 10.7, so it shouldn’t have a major impact on your setup process.

If you have any further questions or need assistance, feel free to reach out!

2 Likes
19

Hello,

Does this Free add-on for Azure SQL support Azure SQL Managed instance?

Thank you,

20

Hello Antonie - Welcome to the Netwrix Community!

I’ve included the instructions for the add-on and it does appear based on the title that we do support the Azure SQL Managed Instance.

Configure Netwrix Auditor Add-on for Azure SQL Managed Instance - Auditor / Show & Tell - Netwrix Community

If you view that document and if you have any questions, feel free to respond on that thread and we will be sure to assist you.

Michael Purdin
Manager, Technical Support Engineering
____________________ _________
Netwrix: Data security that starts with identity

1 Like
21

Hi Daniel,

Would you be able to share a demo video of the new add-on features in version 10.8? A quick walkthrough would really help us understand the use cases and communicate them more clearly to the team.

1 Like