Help banner

Server Object Nsure Audit Settings - Filesystem

The File System events are server-specific settings; that is, they must be enabled on each NCP Server object in the tree. The File system instrumentation logs all traditional and NSS file system activity for the selected events.

NOTE: If you want to filter events on a volume or directory level, you can create Notification filters that select events based on the volume or directory listed in the Text2 field. For a sample configuration, see the Novell Nsure Audit Administration Guide.

The following table provides information on File System events and their associated threat risks.

NOTE: You do not need to restart the logging server to activate your changes in the Filesystem menu.

Label

Property Name

Description

Enabled by Default

Blocks eDirectory
until Logged

Files

Delete

FSFileDelete

A file has been deleted.

 

x

 

Open

FSFileOpen

A file has been opened.

 

x

Create

FSFileCreate

A file has been created.

x

 

Create & Open

FSFileCreateOpen

A file has been created and opened.

x

 

Rename

FSFileRename

A file has been renamed.

x

 

Close

FSFileClose

A file has been closed.

x

 

Salvage

FSFileSalvaged

A deleted file has been salvaged.

x

 

Purge

FSFilePurged

A deleted file has been purged.

x

 

Directories

Create

FSDirCreate

A directory has been created.

 

x

Remove

FSDirRemove

A directory has been removed.

 

x

Modify

FSDirModified

A directory entry has been modified.

 

x

Namespace

NS Entry Changed

FSNSEntryChanged

A namespace name has been changed.

 

x

NS Attributes Modified

FSNSModified

The namespace information of an entry has been changed.

 

x

DOS Attributes Modified

FSDOSModified

DOS attributes of an entry have been changed.

x

 

Trustees

Added

FSTrusteeChange

Trustee information has been changed.

 

Modified

FSTrusteeChange

Trustee information has been changed.

 

Removed

FSTrusteeChange

Trustee information has been changed.

 

 

 For information on eDirectory events logged by Nsure Audit, see eDirectory Events.

For information on NetWare events logged by Nsure Audit, see NetWare Events.
For more information on using Nsure Audit, see Nsure Audit Help.

A trademark symbol (®, TM, etc.) denotes a Novell trademark. An asterisk (*) denotes a third-party trademark. For information on trademarks, see Legal Notices.