Defining Audit and Shadowing Rules
To define audit and shadowing rules for a device type, highlight it (use Ctrl and/or Shift to select several types simultaneously) and select Set Auditing, Shadowing & Alerts or Set Offline Auditing, Shadowing & Alerts from the shortcut menu available by a right mouse click. Alternatively, you can click the appropriate button on the toolbar.
Note: You can define different online vs. offline audit and shadowing rules for the same user or sets of users. Online audit and shadowing rules (Regular Profile) apply to client computers that are working online. Offline audit and shadowing rules (Offline Profile) apply to client computers that are working offline. By default, DeviceLock works in offline mode when the network cable is not connected to the client computer. For detailed information on DeviceLock offline policies, see
DeviceLock Security Policies (Offline Profile). For information about how to define offline audit and shadowing rules, see
Managing Offline Audit, Shadowing and Alerts for Devices. |
In
DeviceLock Group Policy Manager or
DeviceLock Service Settings Editor, if you want to reset online (regular) audit and shadowing rules to the unconfigured state, select
Undefine from the shortcut menu.
If you want to return previously defined offline audit and shadowing rules to the unconfigured state, select Undefine Offline from the shortcut menu. If offline rules are undefined, regular rules are applied to offline client computers.
In
DeviceLock Group Policy Manager or
DeviceLock Service Settings Editor, if you want to block the inheritance of offline audit and shadowing rules and enforce regular audit and shadowing rules, select
Remove Offline from the shortcut menu.
Online audit, shadowing rules and alerts for a device type can have one of the following states:
•Not Defined - Audit, shadowing rules, and alerts are not defined for the device type.
•Configured - Audit, shadowing rules and/or alerts are defined for the device type.
•No Audit - Settings for the device type do not allow audit, shadowing, and alerts for any accounts.