Network and Storage Protocols

CIFS / NTFS Auditing

tyrone_owen_1
3,506 Views

Hi,

I am really struggling with the concept of CIFS / NTFS auditing.

 

'vserver audit command enables or disables auditing, defines log location files, manages log rotation,
and so on.'

 

The vserver create command also includes the following parameters:

 

{file-ops|cifs-logon-logoff|cap-staging|file-share|audit-policy-change|user-account|authorization-policy-change|security-group}

 

The vserver create command seems to include file/folder event logging, so why do I need to then go on to use the 'vserver security file-directory ntfs' commands to create SACLs on files and folders?

 

Thanks

4 REPLIES 4

hmoubara
3,381 Views

Hello

 

Can you share which documentation you following when setting up auditing.

 

Thanks

hmoubara
3,337 Views

Hello,

 

I am not seeing where in the documentation it is telling you to create SACLs:

vserver security file-directory ntfs ??

 

You should be able to enable auditing and set it to whatever options you would like the auditing to be logged.

Check the link below:

 

https://docs.netapp.com/ontap-9/topic/com.netapp.doc.dot-cifs-nfs-audit/GUID-EF25376D-4460-4493-B260-C2FDAAB6B151.html

 

Thanks 

Public