Archive events/Restore events:
The main idea of archive events were to help the user to audit AD for his/her chosen time period in a robust manner. Other audit data collected over the period, which is of less importance, are safely written as flat files and compressed to the default or configurable backup folders. Please note these files are secure, safe and can be re-loaded into the database at the user's discretion for generating reports of his/her choice.
We are also working on "Search archive" feature using which you can generates reports, perform advanced search directly on the stored archive data. Using this feature the archive data need not be loaded into the database for report generation, it can be directly used from the storage location. Please find some screenshots of that feature.
Specific file/folder change:
This can be accomplished by providing the complete UNC path on the "Share based reports". You can also use the "Custom reports" feature to achieve this.
IP Addresses/DNS Names:
Please note that we do not change/alter any collected audit event data. For "Logon" events Windows only logs the "IP addresses" of the computers from which the logon had occurred. To provide a more user-friendly report we try to resolve the IP addresses to meaningful host names, this is done only with the intention to help the users who find it difficult to decipher from which server/workstation the logon has happened. You can always remove the column "Client Host Name" that contains the resolved names from the reports and generate it.
We also request you to please check our complete solution for all your log management needs : Log360
This product concocts the power of user-friendly reporting and all SIEM essentials.