Brian,
Yes, filers support NTFS-style auditing using the NT Event Viewer. Pre-6.0 versions of Data ONTAP allow "read" and "write" auditing for individual users.
ONTAP 6.0 and later allows auditing of "read," "write," "execute," "change ownership" and take ownership." Other enhancements to the auditing in 6.0 include the ability to set a maximum log file size as well as the ability to use the group "Everyone" (versus having to enter individual account names).
It's pretty easy to setup and is documented in the System Administrators guide (if yours are old, you can download a new one in PDF from NOW).
Regards,
Paul Benn Network Appliance
-----Original Message----- From: Brian Tao [mailto:taob@risc.org] Sent: Thursday, December 07, 2000 10:41 AM To: toasters@mathworks.com Subject: NTFS auditing?
Has anyone heard of "NTFS write auditing"? A group within our company would like that enabled for files in a certain directory so they can track who is modifying files. Is this a feature of NTFS itself, or is this achievable over CIFS to a filer? I'm asking this in the context of a Netapp serving up the data, of course.
On Thu, 7 Dec 2000, Benn, Paul wrote:
It's pretty easy to setup and is documented in the System Administrators guide (if yours are old, you can download a new one in PDF from NOW).
Ah, I see... you just point the NT Event Viewer utility to the file generated by the Netapp. Is there a UNIX utility to view the adtlog.evt file?
-
Benn, Paul -
Brian Tao