Configuring Object Level Auditing for Windows/NetApp/EMC File Share Auditing

 To audit file and folder access, corresponding object level auditing must be applied on the Shared Folders.

You can do this in three ways

  1. Automatically through product.

  2. Manually on each shared folders.

  3. Using Powershell script.

1.Automatically through product

  1. Go to File Audit tab in the top bar.

  2. Cilck Windows/EMC/NetApp File Server under Configured Server(s) in the left pane.

  3. Click "View Configured File Shares Icon" on any file server in the table view of servers.

  4. Select the respective shares and click Apply SACL button in right top corner.

    Note:Green Color- Object Level Auditing are set correctly.

    Red Color-Object Level Auditing are not set correctly/error occured while configuring.i you hover mouse over the share you can view the error code.

    Orange Color-Setting SACL is in progress


2.Manually on each Share Folders
  1. For that, right-click the share folder that you want to audit, click Properties, and then click the Security tab.
  2. Click Advanced, and then click the Auditing tab.
  3. For the Everyone group, add the following entries.





Applies To

File/Folder Changes


Success and Failure


  • Create Files / Write Data
  • Create Folders / Append Data
  • Write Attributes
  • Write Extended Attributes
  • Delete Subfolders and Files
  • Delete


This Folder, Subfolders and Files

Folder Permission and Owner Changes


Success and Failure


  • Take Ownership
  • Change Permissions


This Folder and Subfolders

File Read


Success and Failure


  • List Folder / Read Data


Files Only

Folder Read Failure




  • List Folder / Read Data


This Folder and Subfolders

  1. Click on OK.
  2. This will set SACLs for the Share selected.
Copyright © 2022, ZOHO Corp. All Rights Reserved.
Get download link