I have a small group of people defined as Administrators on the farm I manage. Recently someone made some permissions changes and messed things up. Naturally nobody did anything, so I want to determine who made the permissions changes and when. I did look through the logs by filtering for the word permissions but nothing came up. I am going to make them much more limited administrators in the very near future, but I still want to know who changed it. Is there a log somewhere I can use to determine who made the change?
Thanks
Matt
You may be interested in any of the following in the event tables:
RoleUpdatedEvent
RoleRemovedEvent
RoleEvent
RoleAddedEvent
PermissionRemovedEvent
PermissionUpdatedEvent
PermissionEvent
PermissionAddedEvent
I utilize a viperltoolkit script, found here:
http://communities.vmware.com/servlet/JiveServlet/download/821751-4447/vmeventmgr.pl
Create an eventlist.txt file listing the above, and then pass that in as an argument to the script. Works like a champ. I actually run it every week via cron and email the results to myself so I can audit what's going on in our virtual infrastructure. I include a number of other event types, like VM creation, power operations, etc... You can have it report back for last X days/weeks/hours... whatever you need.
You may be interested in any of the following in the event tables:
RoleUpdatedEvent
RoleRemovedEvent
RoleEvent
RoleAddedEvent
PermissionRemovedEvent
PermissionUpdatedEvent
PermissionEvent
PermissionAddedEvent
I utilize a viperltoolkit script, found here:
http://communities.vmware.com/servlet/JiveServlet/download/821751-4447/vmeventmgr.pl
Create an eventlist.txt file listing the above, and then pass that in as an argument to the script. Works like a champ. I actually run it every week via cron and email the results to myself so I can audit what's going on in our virtual infrastructure. I include a number of other event types, like VM creation, power operations, etc... You can have it report back for last X days/weeks/hours... whatever you need.
Thanks for that information. I'll start digging into the logs.
Matt