NetWare events are server-specific settings; that is, they must be enabled on each NCP Server object in the tree. The NetWare instrumentation can log events from NetWare 4.2 systems and higher.
The following table provides information on NetWare events and their associated threat risks.
NOTE: You do not need to
restart the logging server to activate your changes in the NetWare menu.
Label |
Property Name |
Description |
Enabled by Default |
Blocks eDirectory |
|
Operations |
|||||
NetWare Alert |
NWNetWareAlert |
NetWare has issued an alert.
|
x |
|
|
Server Down |
NWServerDown |
A server has been shut down.
|
x |
||
Environment |
|||||
Protocol Bound |
NWProtocolBind |
A protocol has been bound.
|
x |
||
Protocol Unbound |
NWProtocolUnbind |
A protocol has been unbound.
|
x |
||
Module (NLM) Loaded |
NWModuleLoaded |
A module has been loaded.
|
x |
||
Module (NLM) Unloaded |
NWModuleUnloaded |
A module has been unloaded.
|
x |
||
Volumes |
|||||
Mounted |
NWVolumeMounted |
A volume has been mounted.
|
x |
||
Dismounted |
NWVolumeDismounted |
A volume has been dismounted.
|
x |
||
Connections |
|||||
Connection Cleared |
NWConnectionCleared |
A connection has been cleared.
|
x |
||
Login |
NWLogin |
A login has occurred.
|
x |
For information on eDirectory events logged by Nsure Audit, see eDirectory
Events.
For information on file system events logged by Nsure Audit, see Filesystem
Events.
For more information on using Nsure Audit, see Nsure
Audit Help.
A trademark symbol (®, TM, etc.) denotes a Novell trademark. An asterisk (*) denotes a third-party trademark. For information on trademarks, see Legal Notices.