Reason for policy deactivation

Check for de-activated policies is something that should be carried out on a daily basic.

Its not un-common to de-activate policies if Netbackup server is being re-started. Admin could have forgot to enable them again - this is purely human.

Test policies should be named with a prefix/post-fixed to indicate this. e.g UNIX_FS_TEST

If you go to /usr/openv/netbackup/db/class directory or corresponding Windows directory ,you will see your policies listed as files .if you deactivate a policy, modify date will show it with ls -al ...and if you have date and time it may be possible to line up with OS log. Login from ip x.x.x.x on date/time.

The policies were activated now so I assume that the date of the files would be the one of the last activation. I think that the only possibility now would be have Audit enabled. So we can have a history of the activations/deactivations of the policies. Is this right? If so I would mark that answer as a solution.

I think that the restart of the Netbackup server will not be the issue since the problem was only with 3 policies, the other 10 policies were activated.

Thanks!

 

 

Hi Ivan,

One other option is if you have Ops Center, there is an Alert Policy that will do just what you want.

It's the "Job Policy Change" alert (An alert is generated when one or more job policies change), and is listed under "Others" in the Alert Conditions.

I enable this as one of my default alerts, as I find it very useful.  I get an email when there is any change to a policy (change, add, delete, deactivate, etc).  It doesn't tell you who made the change, but it gives you the "what changed and when".

Hope that helps,

Steve

If memory serves me right, as from NBU 7.6 nbaudit should be enabled by default. I will look for commands when I have access to manuals a bit later. At least this will give you the 'when'. *** Edit *** nbauditreport. I found this post : https://www-secure.symantec.com/connect/forums/nbu-auditing-logs-root-user