Network Storage Protocols Discussions

CIFS Auditing


DOT 8.1.4 

I configured CIFS Auditing...and made the cifs.audit.saveas option to another volume then the default vol0.

cifs auditing is working fine. Logs are being sent to that partiicular volume (CIFS Share). but in /etc/messages i am getting an WARNING message..

ALF I/O warning for file /etc/log/cifsaudit.alf: the audit log is empty.


i have space in that volume on which audit logs are being saved. but cudnt get why i am receiving this msg.

Need help



Re: CIFS Auditing


"This will occur if the autosave is based on a timer value AND no auditing events occur during that time interval"


there is a bug report that describes this issue

Re: CIFS Auditing


Hey Foxtrot... we have a great audit and reporting tool. It is a lot easier to set up and it works. It is pretty cheap and grabs more info than anything we've seen so far. Take a look at the tools at Arxscan.

Earn Rewards for Your Review!
GPI Review Banner
All Community Forums