Table of ContentsView in Frames

Configuring Data ONTAP for CIFS auditing

When you enable or disable CIFS auditing, you enable auditing of policy change events. There is not a separate CIFS option to enable policy change events at this time.

Before you begin

Following are the prerequisites for CIFS auditing:

Step

  1. Perform one of the following actions.
    If you want to turn auditing on or off for... Enter the command...
    File access events options cifs.audit.file_access_events.enable {on | off}
    Logon and logoff events options cifs.audit.logon_events.enable {on | off}
    Local account management events options cifs.audit.account_mgmt_events.enable {on | off}
    Note: You use MMC Event Viewer to view changes to the account management events.
    All events cifs audit {start | stop}

    Alternatively, you can start and stop CIFS auditing using the cifs.audit.enable option. For example, entering the following command is the equivalent of using the cifs audit start command:

    options cifs.audit.enable {on | off}

    Use on to start CIFS auditing or off to stop auditing.

    Note: CIFS auditing is disabled by default.