Send Knowledge Base Article
The article has been sent to your inbox successfully.
We never share your data
Warning: "You have some necessary audit success/failed flags not set"
KB1564 | Last review: Oct 06, 2014 | Netwrix Auditor for File Servers | All Versions
|Symptoms||The audit report from Netwrix Auditor for File Servers contains the following warning: "You have some necessary audit success/failed flags not set".
Alternatively, the opposite error can be received: " You have some unnecessary audit success/failed flags set'.
|Cause||This warning indicates that some audit settings on monitored shares are not set correctly. This means that auditing flags on a share do not correspond with Netwrix Auditor's settings.
There are 4 types of activities that can be monitored, and each one requires its own audit flags to be set.
Incorrect audit flags may result in missing audit events or flooding the security log with unnecessary events.
|Resolution||To resolve the issue and get rid of the warning, you will need to configure auditing on shares properly.
See the following article for details: https://helpcenter.netwrix.com/Configure_IT_Infrastructure/File_Servers/Windows_Shares/WSh_Object_Level_Access.html
Was this information helpful?