Forum Discussion

Possible's avatar
Possible
Level 6
13 years ago

Checking logs

Hi,

How can i check the logs : if someone has aborted the job.

I do hv opscentre but i dont know the exact procedure (Is NBAC should be enabled for checking logs from OPScentre)?

Thanks

Giri.

Backup and Recovery
NetBackup
Troubleshooting
  • Marianne's avatar
    Marianne
    13 years ago

    Can be done when auditing and Access Control is enabled.

    See Chapter 22 - Auditing NetBackup operations in NBU 7.1 Admin Guide for Windows, Volume I  http://www.symantec.com/docs/DOC3653

    nbaudit was introduced in NBU 7.0.1.

    Access control is a complex process that cannot be summarized in a single forum discussion.

    Once NBAC is configured and each user is logging in with own id, you can enable Auditing.

    NBAC: NBU Security and Encryption Guide http://www.symantec.com/docs/DOC3655

     

     

6 Replies

Sort By
  • Marianne's avatar
    Marianne
    Level 6
    13 years ago

    Can be done when auditing and Access Control is enabled.

    See Chapter 22 - Auditing NetBackup operations in NBU 7.1 Admin Guide for Windows, Volume I  http://www.symantec.com/docs/DOC3653

    nbaudit was introduced in NBU 7.0.1.

    Access control is a complex process that cannot be summarized in a single forum discussion.

    Once NBAC is configured and each user is logging in with own id, you can enable Auditing.

    NBAC: NBU Security and Encryption Guide http://www.symantec.com/docs/DOC3655

     

     

  • Possible's avatar
    Possible
    Level 6
    13 years ago

    I tried below...

    2 Enter the nbemmcmd command using the following syntax:

    nbemmcmd -listsettings -machinename masterserver

    Where masterserver is the master server in question.

    Note: The options are case-sensitive.

    3 The output lists many configuration settings. Among them are the following:

    AUDIT="ENABLED"

    Indicates that auditing is turned on.

    but we dont have AUDIT ENABLED.

    and NBAC bot enabled too...

    is there any way now....??

    Thanks,

    Giri

  • Mark_Solutions's avatar
    Mark_Solutions
    Level 6
    13 years ago

    Auditing as it stands will give you some details - as will the basic Errors and All Log Entroes report in the Admin Console - but that will only give you the time of the cancellation not who did it.

    What you can do is identify the time and then check the Windows Event viewer (assuming this is windows) and the Security section usually shows logins so you could work out who was logged in at the time.

    Without NBAC the above is all you can really do - identify when it happened and work out who was on the systm at the time.

    See the Audit and NBAC docs Marianne linked to for full details

  • Possible's avatar
    Possible
    Level 6
    13 years ago

    Thanks Maria...actually i got this from one of the forums..

    You need to enable NBAC (access control) plus auditing. (nbaudit was introduced in NBU 7.0.1 and enhanced in 7.1)
    After that you can use OpsCentre to create reports    .

    Thanks,

  • Marianne's avatar
    Marianne
    Level 6
    13 years ago

    Also one of my posts ! cheeky  

    https://www-secure.symantec.com/connect/forums/netbackup-audit#comment-7261851