File monitor report
/etc/
/var/centrify/
/var/centrifydc/
/var/centrifyda/
The report includes the user name, the computer where the activity occurred, the time at which the activity occurred, the filename, the current directory, the kind of file access was attempted, if the file access was successful or not, the command that was used, the process and parent process IDs, and the “run as” user.
Note: If a monitored file is renamed, the report displays both the original and new filename. The order of filenames may differ slightly on each operating system.