Specifying Operations to Audit Using a Security Policy

About this task

You can specify the directory, file, and table operations to audit in a security policy. If you specify the operations to audit in a security policy and tag data objects (such as volumes and tables) with the policy, the enforcement mode setting in the policy is used to determine how the setting affects auditing of operations on the data objects. For more information, see Volume-Level Security Policy Enforcement Mode.

You can specify the directory, file, and table operations to audit in a security policy using the Control System, CLI, and the REST API.

Specifying Audit Operations in a Security Policy Using the Control System

Procedure

  1. Log in to the Control System and go to one of the following pages:
  2. Move the slider associated with Enable Audit Operations from No to Yes to enable auditing if it is already not enabled.
  3. Choose the Default radio button to accept the default list of operations to audit or choose the Custom radio button to select/deselect the operations to audit.
    For more information on the list of operations that can be audited, see Auditing Data Access Operations.
  4. Specify or modify other properties as needed and click Save for the changes to take effect.

Specifying Audit Operations in a Security Policy Using the CLI and REST API