The Auditing, Shadowing & Alerts node lists the device types for which you can define user-level audit, shadowing rules and alerts.

There is not much difference between setting up permissions and defining audit, shadowing rules and alerts so you should first read the Permissions (Regular Profile) section of this manual.

DeviceLock Service can use the standard Windows event logging subsystem to log a device’s information. It is extremely useful for system administrators because they can use any event log reading software to view the DeviceLock audit log. You can use the standard Event Viewer, for example. Also, DeviceLock Service can use its own protected proprietary log. The data from this log is sent to DeviceLock Enterprise Server and stored centrally in the database. One more option is to store data on a syslog server. The data storage options are determined by the Audit log type parameter in Service Options.

DeviceLock Management Console has its own built-in audit log viewer that represents information from the event log in a more convenient form. For more information, see Audit Log Viewer (Service).

To view the audit log stored on DeviceLock Enterprise Server, use the server’s audit log viewer (see Audit Log Viewer (Server)).

Also there is an extended audit’s feature called data shadowing - the ability to mirror all data copied to external storage devices or transferred through serial and parallel ports. A full copy of the data is logged. The shadow log is stored locally in the folder specified by the Local storage directory parameter and it can be transferred to DeviceLock Enterprise Server specified by the DeviceLock Enterprise Server(s) parameter, to be stored in DeviceLock Enterprise Server’s database on SQL Server.

To view the locally stored shadow log, use DeviceLock Management Console’s built-in shadow log viewer. For more information, see Shadow Log Viewer (Service).

To view the shadow log stored on DeviceLock Enterprise Server, use the server’s shadow log viewer (see Shadow Log Viewer (Service)).