The File System events are server-specific settings; that is, they must be enabled on each NCP Server object in the tree. The File system instrumentation logs all traditional and NSS file system activity for the selected events.
NOTE: If you want to filter events on a volume or directory level, you can create Notification filters that select events based on the volume or directory listed in the Text2 field. For a sample configuration, see the Novell Nsure Audit Administration Guide.
The following table provides information on File System events and their associated threat risks.
NOTE: You do not need to restart the logging server to activate your changes in the Filesystem menu.
Label |
Property Name |
Description |
Enabled by Default |
Blocks eDirectory |
|
Files |
|||||
Delete |
FSFileDelete |
A file has been deleted.
|
x |
|
|
Open |
FSFileOpen |
A file has been opened.
|
x |
||
Create |
FSFileCreate |
A file has been created. |
x |
|
|
Create & Open |
FSFileCreateOpen |
A file has been created and opened. |
x |
|
|
Rename |
FSFileRename |
A file has been renamed. |
x |
|
|
Close |
FSFileClose |
A file has been closed. |
x |
|
|
Salvage |
FSFileSalvaged |
A deleted file has been salvaged. |
x |
|
|
Purge |
FSFilePurged |
A deleted file has been purged. |
x |
|
|
Directories |
|||||
Create |
FSDirCreate |
A directory has been created.
|
x |
||
Remove |
FSDirRemove |
A directory has been removed.
|
x |
||
Modify |
FSDirModified |
A directory entry has been modified.
|
x |
||
Namespace |
|||||
NS Entry Changed |
FSNSEntryChanged |
A namespace name has been changed.
|
x |
||
NS Attributes Modified |
FSNSModified |
The namespace information of an entry has been changed.
|
x |
||
DOS Attributes Modified |
FSDOSModified |
DOS attributes of an entry have been changed. |
x |
|
|
Trustees |
|||||
Added |
FSTrusteeChange |
Trustee information has been changed.
|
|||
Modified |
FSTrusteeChange |
Trustee information has been changed.
|
|||
Removed |
FSTrusteeChange |
Trustee information has been changed. |
|
|
For information on eDirectory events logged by Nsure Audit, see eDirectory Events.
For information on NetWare events logged by Nsure Audit, see NetWare
Events.
For more information on using Nsure Audit, see Nsure
Audit Help.
A trademark symbol (®, TM, etc.) denotes a Novell trademark. An asterisk (*) denotes a third-party trademark. For information on trademarks, see Legal Notices.