FileMon

FileMon

FileMon is an open-source file monitoring software for Windows. It tracks all file system activity like file access, changes, renames, and deletions in real-time. Useful for monitoring critical files or detecting suspicious activity.
Security & Privacy File Monitoring
file-monitoring file-access file-changes
FileMon alternatives ➤

FileMon: Real-Time File Monitoring Software for Windows

An open-source file monitoring software tracking file access, changes, renames, and deletions in real-time, ideal for monitoring critical files or detecting suspicious activity.

What is FileMon?

FileMon is a free, open-source file monitoring and auditing software for Microsoft Windows. It tracks and logs all attempted file system activity in real-time, including file access, changes, renames, and deletions. This allows administrators and security professionals to monitor access to critical system files and configuration files, troubleshoot application problems related to the file system, detect suspicious activity and policy violations, and more.

Some key features of FileMon include:

  • Monitors all file system activity via Windows filter drivers
  • Logs file access details like process name, user, time, operation, etc.
  • Useful for monitoring critical system files, log files, databases
  • Can detect malware, ransomware, or insider threats
  • Filters to only monitor specific files, users, processes
  • Exports logs to various formats like CSV, JSON, SQLite
  • Free and open-source software (GPLv3 license)

With its advanced real-time monitoring and filtering capabilities, FileMon provides deeper visibility into file system activity than native Windows auditing tools. It is widely used by system administrators, IT support teams, security analysts, and forensics professionals.

FileMon Features

Features

  1. Real-time file monitoring
  2. Tracks file access, changes, renames and deletions
  3. Configurable alerts and notifications
  4. File hashes calculated for integrity checking
  5. Detailed and searchable event log
  6. Rules to filter events and ignore benign activity
  7. Lightweight and low resource usage

Pricing

  • Open Source

Pros

Free and open source

Simple interface

Powerful functionality

Lightweight on system resources

Real-time monitoring and alerts

Integrates with other monitoring tools

Very customizable through rules and filters

Cons

Windows only

Requires some learning curve for advanced features

No centralized management

Lacks reporting and analytics

No cloud or mobile access

Official Links


The Best FileMon Alternatives

Top Security & Privacy and File Monitoring and other similar apps like FileMon

Here are some alternatives to FileMon:

Process Monitor icon
Process Monitor
Fseventer icon
fseventer
PrcView icon
PrcView
Suggest an alternative ❐

Process Monitor icon

Process Monitor

Process Monitor is a advanced system monitoring and troubleshooting utility for Windows developed by Sysinternals. It provides a detailed, real-time view of file system, Registry, process, thread and DLL activity on a system.Some key features of Process Monitor include:Monitors process activities like file system, Registry, network, DLL loading/unloading etc. in...
Process Monitor image
Fseventer icon

Fseventer

fseventer is a command-line utility for Mac OS that monitors and logs file system events in real-time. It was created by the Apple Engineer team to help debug issues with applications that rely on file change notifications provided by the operating system.The fseventer tool streams file system events as they...
PrcView icon

PrcView

PrcView is a lightweight, free STL/CAD model viewer for Windows. It allows users to quickly open and inspect 3D models in a variety of formats including STL, STEP, IGES, X_T, and more without needing expensive CAD software.Some key features of PrcView include:Supports many common 3D file formats - STL, STEP,...
PrcView image