Table of ContentsView in Frames

Configuring system event auditing

You must perform several tasks to configure system event auditing.

Steps

  1. Determine what events you want to audit.

    For example, if you want to audit all the events on a volume or qtree, apply the Storage-Level Access Guard security using the fsecurity command.

  2. If you want to audit file and directory access events, set your system access control lists (SACLs).
  3. Enable CIFS auditing and NFS auditing, as applicable.
  4. If you want to use Live View to manage auditing, enable Live View.

    Otherwise, familiarize yourself with audit log management.

  5. Use Event Viewer to display audit events.