Dell Unity: How To Change the location of the Unity NAS Server Security Log file [c:security.evt] and increase the log size (User Correctable)
Summary: Change the location of the Unity NAS Server Security Log file [c:security.evt] and increase the log size.
This article applies to
This article does not apply to
This article is not tied to any specific product.
Not all product versions are identified in this article.
Instructions
If you do not allow any missing logs during these steps, stop access from users by means such as stopping associated shares, etc.
If you must backup the security.evt already in use, disable auditing and save the file in prior to the steps below.
For details, refer to
https://dl.dell.com/content/manual69194096-dell-emc-unity-family-configuring-hosts-to-access-smb-file-systems.pdf?language=en-us
Change the location of security.evt file from default ( \\SMB_server_netbios_name\C$\.etc\audit\security.evt ) to custom location on a NAS filesystem:
As Domain Admin, open the Windows Registry Editor: Start>Run>regedit and select "File -> "Connect Network Registry" and enter SMB server hostname/IPaddress/FQDN to connect:
Once connected you see the local and remote registry, expand the following tree and highlight "Security":
HKEY_LOCAL_MACHINE/System/CurrentControlSet/Services/Eventlog/Security
When the "File" entry is changed to a new location, the security file is created:
Path used is C:\UnityNASFS\1\security.evt.
Connect to the target CIFS server referring to https://support.emc.com/kb/501783.
Then navigate to Security, right-click it and Clear all Events in order for the change to take effect.
Change the size of the security.evt file from default size of 512 KB to a custom size:
The size can be changed in registry, a few lines under the "File" location, "MaxSize" can be specified.
The size of security.evt file can as well be specified by using "Event Viewer" on Windows.
Connect to remote computer and choose SMB server using hostname/IPaddress/FQDN:
Right-click Security and select properties:
If you have stopped associated shares or disabled auditing, enable auditing and start the associated shares again.
If you must backup the security.evt already in use, disable auditing and save the file in prior to the steps below.
For details, refer to
https://dl.dell.com/content/manual69194096-dell-emc-unity-family-configuring-hosts-to-access-smb-file-systems.pdf?language=en-us
Change the location of security.evt file from default ( \\SMB_server_netbios_name\C$\.etc\audit\security.evt ) to custom location on a NAS filesystem:
As Domain Admin, open the Windows Registry Editor: Start>Run>regedit and select "File -> "Connect Network Registry" and enter SMB server hostname/IPaddress/FQDN to connect:
Once connected you see the local and remote registry, expand the following tree and highlight "Security":
HKEY_LOCAL_MACHINE/System/CurrentControlSet/Services/Eventlog/Security
When the "File" entry is changed to a new location, the security file is created:
Path used is C:\UnityNASFS\1\security.evt.
Connect to the target CIFS server referring to https://support.emc.com/kb/501783.
Then navigate to Security, right-click it and Clear all Events in order for the change to take effect.
Change the size of the security.evt file from default size of 512 KB to a custom size:
The size can be changed in registry, a few lines under the "File" location, "MaxSize" can be specified.
The size of security.evt file can as well be specified by using "Event Viewer" on Windows.
Connect to remote computer and choose SMB server using hostname/IPaddress/FQDN:
Right-click Security and select properties:
If you have stopped associated shares or disabled auditing, enable auditing and start the associated shares again.
Additional Information
NAS Server/SMB server and Filesystem used for this example are:
NAS Server = UnityNAS
SMB Server = \\unitynas.supportw2k8.muc.de
Filesystem = UnityNASFS
NAS Server = UnityNAS
SMB Server = \\unitynas.supportw2k8.muc.de
Filesystem = UnityNASFS
Affected Products
Dell EMC Unity FamilyProducts
Dell EMC Unity Family |Dell EMC Unity All Flash, Dell EMC Unity Family, Dell EMC Unity Hybrid, Dell EMC UnityVSA Professional Edition/Unity Cloud EditionArticle Properties
Article Number: 000010690
Article Type: How To
Last Modified: 23 May 2023
Version: 5
Find answers to your questions from other Dell users
Support Services
Check if your device is covered by Support Services.