You can do a Windows CIFS audit on the directory or share.
1. Using a Windows Admin account select the folder/share, Properties, Security, Advanced (on Security tab), Auditing. 2. Select Add. The User/Group will appear. Leave the 'Object Type' default. The 'Locations' is the Windows Domain where the user account is located. The 'Object Name' is the group or account you want to audit. Select the group "Everyone" for the 'Object Name' should audit every account to this folder/share. Click 'Ok'. 3. The Audit Object dialog should appear which allows you to select which entry to audit against. Typically, you want "Successful" for each of the events you want to audit. 4. Select 'Apply these auditing entries to objects and/or containers within this container only' if you want apply to any subdirectories.
Depending on how many clients are accessing this location and the number of objects you are auditing, the log can get pretty big. You can use a script to save the log and rename for each day.
Hope this helps.
Marcus Bui
-----Original Message----- From: owner-toasters@mathworks.com [mailto:owner-toasters@mathworks.com] On Behalf Of Stewart, John Sent: Friday, October 22, 2004 2:14 PM To: 'toasters@mathworks.com' Subject: Audit Logging?
We've got an F740 doing cifs and nfs, with 3 shelves and ~400GB on it.
We've got a situation where some critical, sensitive, files were lost. Permissions all look good, so I suspect that one of the people with write access to that directory borked something up (one of them uses Windows briefcases to sync up some files - that could have gone haywire).
Anyway, this has brought up the request to do some sort of auditing on this (and perhaps other) directories to record who created/edits/deletes files.
Is this possible? With the standard software, or is there some other product we need to purchase?
thanks!
johnS
----------------------------------------- Confidentiality Note: The information contained in this message, and any attachments, may contain confidential and/or privileged material. It is intended solely for the person or entity to which it is addressed. Any review, retransmission, dissemination, or taking of any action in reliance upon this information by persons or entities other than the intended recipient is prohibited. If you received this in error, please contact the sender and delete the material from any computer.