Specifying Operations to Audit Using a Security Policy
About this task
You can specify the directory, file, and table operations to audit in a security policy. If you specify the operations to audit in a security policy and tag data objects (such as volumes and tables) with the policy, the enforcement mode setting in the policy is used to determine how the setting affects auditing of operations on the data objects. For more information, see Volume-Level Security Policy Enforcement Mode.
You can specify the directory, file, and table operations to audit in a security policy using the Control System, CLI, and the REST API.
Specifying Audit Operations in a Security Policy Using the Control System
Procedure
-
Log in to the Control System and go to one of the following pages:
- Create Security Policy to set the list of operations to audit when creating a policy.
- Edit Security Policy to set new or modify existing list of operations to audit.
- Move the slider associated with Enable Audit Operations from No to Yes to enable auditing if it is already not enabled.
-
Choose the
Default radio button to accept the
default list of operations to audit or choose the
Custom radio button to select/deselect
the operations to audit.
For more information on the list of operations that can be audited, see Auditing Data Access Operations.
-
Specify or modify other properties as needed and click
Save for the changes to take effect.
For more information, see: