Topics Topics


How to configure a scheduled Database ACL Audit Report.

You can receive periodic Database ACL audit reports by using the Database ACL Audit feature of SecurTracTM. To configure and schedule the Database ACL Audit feature, you need to open the SecurTrac Configuration Database (SCTCFG.NSF)

To create a Database ACL Audit Report schedule:

  1. Open the SecurTrac Configuration Database (SCTCFG.NSF).
  2. In the left pane, select .
  3. Click the button on the action bar.
  4. Specify the preferred configuration settings and click the button.
  5. Below is a table describing each of the available configurations within the Database ACL Audit reports.


Basics Tab:

SectionFieldDescription
Server To AuditServer(s)Either select "All in the Domain" or "Only the following" servers.

If you select "All in the Domain", the database ACL Audit report will run on all servers in the current domain.

If you select "Only the following", a list box will be shown for you to select the specific server(s) in the current domain that the database ACL Audit report will run on. Click on the button to choose the server(s).

DescriptionDescriptionThis is an optional field which allows user to input descriptions or remark for this report.
ScheduleRun FrequencySelect the interval for the report generation. It can be either Daily, Weekly or Monthly.
Run at timeSelect the time at which the report will be run.
Days of weekIf the Run Frequency is Daily, the report will execute everyday.
If the Run Frequency is Weekly, you can select which day that you want to run the report.
If the Run Frequency is Monthly, you can select which day of the month that you want to run the report.
Log DatabaseFile nameSelect

Log to the default databaseThe corresponding report will be stored in a Central Log Database (SctLog.nsf).
Log to the specified databaseThe corresponding report will be stored in the database you specified.
Server nameSelect

Log to the server where the event occurredThe corresponding report will be created on the same server where the event occurred.
Log to the specified serverThe corresponding report will be created on the server you specified. If you select this option, please make sure the originating server has sufficient access to the remote log database on this specified server.
EnablementDisable this Database ACL Audit ReportIf this option is selected, SecurTracTM will temporarily disable the report


Audit Tab:

SectionFieldDescription
Audit TargetDatabase TypeSelect what database types will be audited:
Databases and templates - Any Notes database (NSF) or template (NTF)
Databases only - Any Notes database (NSF)
Templates only - Any Notes database template (NTF)
Notes databases or templates not disabled for replication - Any Notes database or template not disabled for replication (Database Replication Settings)
Directory to auditDirectory to auditSelect the directory/folder that will be audited. Leave it blank if you want to audit all databases.
Conditions to highlight in the reportConditionsSelect the baseline for the audit. Any deviation from the baseline will be highlighted with the preferred color.
      Enforce ACL - This is the "Enforce a consistent Access Control List across all replicas" option located in the ACL Advanced tab.
      Internet Level - This is "Maximum Internet name and password" setting in the ACL Advanced tab.
      Default Access - "Default" ACL entry access level
      Anonymous - "Anonymous" ACL entry access level
      Delete documents - "Delete documents" privilege is enabled
      People that have been delegated access to the mail file - People or groups that have been delegated access to the mail file database. Use this option to highlight ACL entries that have delegation access enabled.
Show Effective AccessShow effective access for the following users or groupsSelect user(s) or group(s). Use the option to show the effective access of the specified users or groups in the database.
Full ReportList All DatabasesSelect
Yes - list all databases in the report, no matter if the databases satisfy the above conditions.

No - list only databases that satisfy the above conditions. (i.e. those databases which deviated from the baseline.)
Notification ListMailing AddressSelect the person who will receive an e-mail notification immediately when the report has been run.
Customize E-Mail Notification MessageSelect this option if you want to customize the subject and content of the e-mail notification message.


Administration:

SectionFieldDescription
AdministrationOwnerSpecify the owner of the monitor document.
AdministratorsSpecify person(s) who can modify the current monitor document.
Settings Modification HistoryDateShows the date of modification for the current monitor document.
Updated byShows the persons who have modified the current monitor document.


Note: The ACL Audit Report can also be manually executed by issuing a Domino console command "tell securtrac report".

-------------------------------------------------------------------------------------------------------------------------------------------