I am really struggling with the concept of CIFS / NTFS auditing.
'vserver audit command enables or disables auditing, defines log location files, manages log rotation,
and so on.'
The vserver create command also includes the following parameters:
The vserver create command seems to include file/folder event logging, so why do I need to then go on to use the 'vserver security file-directory ntfs' commands to create SACLs on files and folders?