Configuring Auditing

GFI Archiver database activity auditing uses the tracing capabilities of SQL Server® to record all activity affecting the archive databases.

NOTE

Auditing cannot be enabled on Archive StoresA collection of email sources, email metadata and search indexes within GFI Archiver based on GFI Archiver (Firebird) database and file system. We recommend using your OS User Configuration auditing and User Trail for this environment.

Trace data is stored in a text file in a user specified location on the SQL Server® machine. There is one trace file per server, containing trace data from all archive stores hosted on the server. The SQL Server® service holds an exclusive lock on the trace file, ensuring the file is not tampered with. From GFI Archiver, you can then trigger the process to upload trace files into the auditing database. Following the upload, you can view auditing reports through the Auditing Reports page in the console.

IMPORTANT

Auditing can be enabled for archive stores based on SQL Server® and SQL Server® with file system. However, if unauthorized access is given on the server, a potential hacker could delete or modify archived data in the database and all of this would NOT be audited.

See also: