Netwrix Auditor Reviews

34 Ratings
<a href='' target='_blank' rel='nofollow noopener noreferrer'>trScore algorithm: Learn more.</a>
Score 9.0 out of 100

Do you work for this company? Manage this listing

Overall Rating

Reviewer's Company Size

Last Updated

By Topic




Job Type


Reviews (1-12 of 12)

Anonymous | TrustRadius Reviewer
April 23, 2020

Netwrix Auditor Review

Score 8 out of 10
Vetted Review
Verified User
Review Source
Netwrix Auditor is used mainly by the Security department. However, we often pull information from Netwrix Auditor for other IT departments. It addresses problems relating to figuring out who made specific changes and security problems. Being able to view login failures, changes to users privileges, and so much more information helps us stay on top of things.
  • Provides accurate information
  • Easy to generate reports
  • Easy to filter, after initial learning curve
  • Challenging to learn filter options when first using the product
  • Not much video training provided online for the product
  • Could have better training available (additional guides, videos)
Netwrix Auditor is great for reviewing events that occurred and tracking down the root cause of who/what made specific changes. It also works well for audits revolving around security and user accounts. The only situation I need to use a secondary product for is when I need to track down a specific IP or system. But that is only because of the licenses we have, if we purchased more we could get additional information out of the product.
Read this authenticated review
Anonymous | TrustRadius Reviewer
February 19, 2020

Ease the burden of IT auditing

Score 10 out of 10
Vetted Review
Verified User
Review Source
Being in the cutting-edge technological industry - visibility into what is happening in the IT environment is a core component of a solid security strategy for any research/innovation-oriented organization. With the implementation of Netwrix Auditor throughout the organization, we keep our entire information data secure and confidential and maintain the accessibility of that data from our branches.
  • Detect security threats.
  • Prove compliance.
  • Bit finicky at times.
Netwrix Auditor is a fantastic product that audits all of the items we need to audit. It will audit file servers, database server, Active Directory Servers, SharePoint servers and a whole lot more. We use it for all of these items and the price did not go up because we added more machine types.
Read this authenticated review
Junie Johwa | TrustRadius Reviewer
October 18, 2019

Netwrix Auditor, your super hero to the rescue

Score 9 out of 10
Vetted Review
Verified User
Review Source
It is used by two departments, the User Department where I belong and the Security Team along with our Manager and CIO. It addresses auditing who did a change and what changes accounts are privileged do and can review a session of a user who logged into a server at maybe odd hours which could be suspicious.
  • Who has done the changes on systems
  • Password lockouts where it will tell you exactly where a person is locking which can be frustrating if it occurs too many times for one user.
  • It can show you things we rarely look at in our environment e.g on Active Directory things like duplicate group policy settings, empty security groups, computers which have not logged in in a long time thus helping you with your computer inventory.
  • Being able to get the actual device a user is locking in from Exchange Server because if a user is found to be locking out from an Exchange Server we have to look at Exchange Server IIS logs and parse through them using other tools like Log Parser looking for wrong password report. We need to use one product and that is Netwrix Auditor.
  • The software could also show when a server was restarted or rebooted.
When there have been changes to server configuration (User Activity logs this too) you are able to tell who has done them and where the changes were made. It is less appropriate in situations where there is an email missing in one's mailbox and they claim mail has been deleted as this is not captured.
Read Junie Johwa's full review
Glenn Jones | TrustRadius Reviewer
January 18, 2019

Netwrix Auditor, a Great Product at a Great Price

Score 8 out of 10
Vetted Review
Verified User
Review Source
Netwrix Auditor is used by my company to audit all of the systems we use. These include file servers (both Windows and NetApp), SQL servers, web servers. SharePoint servers, Active Directory and many other types of servers. We use it to make certain that staff do not access files that they are not permitted to access, and that they are not attempting to log in into a server that they should not be logging into. This information has come in very useful in the past and will do so in the future. It is also often used by projects to find out what files users who are allowed to access certain files are actually accessing.
  • Netwrix Auditor performs the audit collection process in a method that does not burden the systems it is auditing. It usually just pulls the log and event logs data from the machine it is auditing and then performs the extraction of the information in these files on the Netwrix Auditor server. This reducing the audit processes to only pulling log data from the server but does not keep the server busy processing the data.
  • Once the log data has been pulled from a server being audited, Netwrix will store the log data in a compressed form in its Long Term Archive. This allows the database to be kept smaller than the all the data being kept in the Log Term Archive and therefore makes creating reports much faster since the database is not as big as it could be.
  • Since Netwrix Auditor uses standard Microsoft SQL Server and SQL Server Reporting Services (SSRS) to perform reporting, working with the results of the audit is much easier. Anyone who knows SQL Server and SSRS can work with the data and create their own reports.
  • The predefined reports that come with Netwrix Auditor cover most of the items required to properly report on the status of a system. They have many predefined reports for FedRamp, PCI, HIPPA, and other compliance regulations.
  • Netwrix Auditor needs to improve its loading of Long Term Archive (LTA) data back into the database. I have been trying to load one month of LTA data back into the database for a few months now, but it can take a few days to successfully load just a few weeks of data. I have now started to attempt to load only two weeks of data at a time in the hopes that it will not destroy the data already loaded. I'm still working on this attempt. Netwrix Support told me that the only designed the reloading of LTA to work on a few days worth of data, but I need to be able to possibly seven years of data in the future. They are currently working on a solution to allow me to perform this task.
  • Netwrix needs to simply their database structure so it is easier to create your own reports. If they can't make the database structure any easier, they need to document it much more. The database documentation is very sparse and doesn't really state how you can use the database. There are many items I can find in the database but some items I have just given up on since it can be quite a task to find the data in the database.
  • Netwrix needs to release some form of internal documentation so clients can see what is happening during the audit data collection. I have specialists in certain areas of our systems, such as NetApp file server, ask me how it performs some of the auditing, and all I can say is "I'm not sure, I can ask but they probably won't be able to tell me."
Netwrix Auditor is well suited to perform audit data collection on many types of servers that require audit data to be collected. It runs fairly quickly and usually informs you if something went wrong in the data collection. They do need to have better documentation and some form of internal documentation to help the users who understand what is happening in their system to help them through the process of figuring out when something went wrong.
Read Glenn Jones's full review
Matt Rogers | TrustRadius Reviewer
August 04, 2018

A System Administrator's Dream

Score 9 out of 10
Vetted Review
Verified User
Review Source
Since we are a small organization, my supervisor and I are responsible for all information technology needs. We both use Netwrix Auditor to monitor any suspicious activity and get reports on failed logins, expiring passwords, and Windows file server activity. This gives us great peace of mind knowing that if something goes wrong or someone gains unauthorized access to our systems, we'll be able to respond immediately.
  • Netwrix Auditor sends out warnings to users when their passwords are close to expiring. This saves us some headache, because if they have any problems with changing their password, we can help them before they get locked out.
  • The notifications for multiple failed logons is a lifesaver. Very useful for spotting suspicious activity!
  • I love the way that you can create your own custom notifications and reports through the "Search" function. You can pick the "What", "Where", and "When" for the event you want to monitor and set up email email reports for them.
  • There is a bit of a learning curve. The interface is fairly intuitive, but I think there is room for improvement.
  • There is a LOT of functionality which can be quite overwhelming at first, but in and of itself, not a bad thing.
  • I think this software would benefit from a "Simple" mode and "Advanced" mode. This would ease the learning curve a bit.
I think this software has something for any organization small or large. I think the best scenario to use this software would be if you wanted to keep an eye on suspicious activity. This software gives users the peace of mind that if someone were to gain access (assuming the software is configured correctly) to their systems, that they would be notified.
Read Matt Rogers's full review
Kyle Reyes | TrustRadius Reviewer
July 25, 2018

Fantastic Reporting with an easy to use GUI!

Score 10 out of 10
Vetted Review
Verified User
Review Source
We currently use Netwrix Auditor in our Infrastructure department for a multitude of tasks. We utilize Netwrix Auditor for changes to files, updates to passwords, Databases changes, GPO changes, etc. One major use of Netwrix is for monitoring of access to ITAR files and giving us an amazing tool for reporting on all of the above mentioned uses.
  • The reporting features within Netwrix Auditor are by far the best feature, with a wide range of "pre-built" reports. The ability to create/generate your own reports makes it quite easy to look into the various items being monitored in the environment.
  • The set-up & ease of use of Netwrix is hard to match, not to mention the upgrades. To date, we've only had to contact support for one issue and it was an easy fix once we found the detailed information in their Knowledge Base.
  • Automation features within Netwrix help our daily tasks by ensuring we are not having to constantly monitor Netwrix, this is a huge time saver!
  • The only con I have is that sometimes technical support can be a bit delayed in getting back to us for issues, but it is only slightly so not a huge con by any means.
Netwrix Auditor is a great tool for monitoring a multitude of environments, settings, changes, etc. We currently use Netwrix Auditor for use to monitor Active Directory, File Servers, SQL Servers, and various other items. Netwrix however does not seem to fill any needs for monitoring our VMware environment that I have found to date.
Read Kyle Reyes's full review
Aaron Christenson | TrustRadius Reviewer
August 21, 2018

Best Active Directory audit tool available

Score 9 out of 10
Vetted Review
Verified User
Review Source
We use Netwrix Auditor for auditing of Active Directory and Group Policy changes. It is used by our IS Access and IS Server Support teams. We needed a tool to track changes for our auditors.
  • Notifications on changes to sensitive accounts.
  • Detailed record of Group Policy changes.
  • HTML email reports
Finding changes to security groups and group policy is quick and easy.
Read Aaron Christenson's full review
Barry Goldstrom | TrustRadius Reviewer
July 25, 2018

Netwrix Auditor and Law Enforcement

Score 10 out of 10
Vetted Review
Verified User
Review Source
It was used on the law enforcement servers. It provided the information to prove chain of custody of any related files on the file server.
  • Ease of setup
  • Accurate reporting
  • Set and forget automated reporting
  • I can't honestly think of areas of improvement
This is well suited to audit files on a file server to keep track of who is doing what on the file servers. This is a feature that is lacking in a windows server environment.
Read Barry Goldstrom's full review
Jose Rodriguez | TrustRadius Reviewer
July 25, 2018

Keeps me honest!

Score 10 out of 10
Vetted Review
Verified User
Review Source
Netwrix is used to by our organization to audit network accounts. It provides us visibility into who is making modifications to our internal AD.
  • Auditing account changes
  • Anomaly tracking
  • Easy setup
  • No areas at this point.
It's a perfect product for auditing and keeping the system admins honest. It's easy to use and reporting is incredible. The system to me is flawless because it keeps the admin honest by doing exactly as it's billed. The system performs well and the database integration makes reporting fast and provides all the mechanisms to support our organization.
Read Jose Rodriguez's full review
Jon Gabriel Bolland II | TrustRadius Reviewer
December 01, 2017

Netwrix Saves Time

Score 9 out of 10
Vetted Review
Verified User
Review Source
Netwrix Auditor is being used across our whole company. Netwrix allows us to audit file use and access, changes to Active Directory, failed logins on SQL, AD, file servers, and email. It gives us visibility and accountability to what is going on in our infrastructure. It helps solve security and accountability problems.
  • It alerts us to account lockouts and helped discover a firewall issue on one of our servers. The alerts and single interface have been very helpful.
  • I get a report on expired passwords and accounts which help me keep my directory tidy.
  • We can get access reports on files and folders which let us know when users are trying to access items they are not authorized to.
  • They have a screen capture function that I have never been able to get to work properly. However, I have never called their support on this issue so it is not necessarily a big ding against them. I am only mildly interested in this feature. We have enough network monitoring so I already know what my users are doing I don't need a capture.
It would not be appropriate for a very small organization that has less than 25 Users. It is great for keeping an eye on larger environments, you can get fairly granular with the reporting and know exactly who changed files, AD accounts, mailboxes, and policies. It is great for visibility into your data and accountability. It is also a useful security tool.
Read Jon Gabriel Bolland II's full review
Steven Hiersche, Jr. | TrustRadius Reviewer
August 16, 2017

If you need an audit trail, use Netwrix Auditor!

Score 10 out of 10
Vetted Review
Verified User
Review Source
Netwrix Auditor is being used only by the IT department. The primary use was to track active directory changes but it is now also very useful for auditors. During yearly tech audits, we are able to hand over audit logs very easily.
  • The UI is very strong
  • Plenty of reports to generate
  • You can audit many applications including Active Directory, file server, SQL and Exchange/O365
  • We are very pleased with Netwrix
If you need to track who is making changes in your environment and/or provide audit logs to auditors, this is your program!
Read Steven Hiersche, Jr.'s full review
Anonymous | TrustRadius Reviewer
April 18, 2017

Netwrix Auditor - Security add on for AD

Score 4 out of 10
Vetted Review
Verified User
Review Source
Netwrix auditor is being used by our IS security team to monitor and manage changes to our AD security setup. It was chosen to simplify some of the tasks that they need to do, as well as automating alerts and increasing our level of understanding for change within the AD environment.
  • Automated alerts for changes to security within AD. It is able to sends alerts for just about any change within AD.
  • Tracing who changed what within AD. This can be found with AD, but Netwrix auditor makes it a lot more simple to find.
  • Enabling less technical people to have access to the auditing and security information that they need to manage the AD security model effectively. This product frees our technical teams from numerous minor requests for audit logs, tracking, investigations etc.
  • Stability is a concern. Despite running this for over one year, we have had issues with processor utilisation on several business critical servers including SQL servers that have meant that we have had to deinstall the product on those servers. No resolution, despite this being logged with the supplier for some 2 months.
  • Support from the US for UK clients is not up to standard, for the cost of the product and the cost of support we expected better. We are reconsidering our use of this product, despite its good level of reporting and automation of alerts.
Good for IT teams where you lack technical knowledge to properly manage the AD security environment. Poorer value for those teams that already have skilled technical tools and scripts or other tools that automated security alerts. This is the sort of tool that Microsoft should supply as part of AD. What it does, it foes quite well, buy with hindsight, it would have been better to automate using our own skills and other tools.
Read this authenticated review

About Netwrix Auditor

Netwrix Auditor is designed to enable auditing of the broadest variety of IT systems, including Active Directory, Exchange, file servers, SharePoint, SQL Server, VMware and Windows Server. It also supports monitoring of privileged user activity in all other systems.

According to the vendor, Netwrix Auditor eliminates these blind spots by delivering complete visibility into all changes to system configurations, content and permissions across the IT infrastructure. Moreover, Netwrix Auditor alerts organizations to changes that violate corporate security policies, enabling users to proactively detect suspicious user activity and prevent breaches.

Netwrix Auditor Features

Has featureChange Auditing of IT Systems
Has featureConfiguration Auditing
Has featureAccess Auditing

Netwrix Auditor Screenshots

Netwrix Auditor Competitors

Dell Change Auditor, Manageengine ADManager Plus, Varonis Datadvantage


  • Has featureFree Trial Available?Yes
  • Does not have featureFree or Freemium Version Available?No
  • Does not have featurePremium Consulting/Integration Services Available?No
  • Entry-level set up fee?No

Netwrix Auditor Support Options

 Free VersionPaid Version
Social Media
Video Tutorials / Webinar

Netwrix Auditor Technical Details

Deployment Types:On-premise
Operating Systems: Windows
Mobile Application:No
Supported Countries:USA, UK, Australia, France, Germany, Hong Kong, Italy, Netherlands, Spain, Sweden, Switzerland, India, Belguim, Russia
Supported Languages: English, German, French, Russian, Italian