Why doesn't my application receive events for mapped network drives?


Due to the way that Windows works internally, CBFS Filter can only intercept filesystem requests that originate on the local machine (since the CBFS Filter system driver must be installed in order for anything to be intercepted in the first place), or that originate on remote machines but come to the local machine for processing. It cannot monitor requests that both originate and are processed on remote machines.

Example 1:

You have a server S that shares the drive "ServerDrive". Client C has mounted drive \\S\ServerDrive as drive Z:. Your system M has the CBFS Filter system driver installed, and is running a monitoring application; additionally, it has mounted \\S\ServerDrive as drive T:.

Now, if some process on M accesses drive T:, the CBFS Filter-based monitoring application can intercept its requests. However, if some process on C accesses drive Z:, requests go from C to S and never reach M. Since M has no way to be directly informed about the requests being processed on the server's "ServerDrive" drive, CBFS Filter can't intercept anything (and the same applies for any operations performed locally on S).

Example 2:

You have a server S that shares the drive "ServerDrive"; S also has the CBFS Filter system driver installed, and is running a monitoring application. Client C1 has mounted drive \\S\ServerDrive as drive Z:, and Client C2 has mounted drive \\S\ServerDrive as drive T:.

Now, if some process on C1 accesses drive Z:, or if some process on C2 accesses drive T:, the CBFS Filter-based monitoring application running on S can intercept the requests, because they are processed on S. The same obviously also applies to any operations performed locally on S.

We appreciate your feedback. If you have any questions, comments, or suggestions about this article please contact our support team at support@callback.com.