Novell ZENworks Endpoint Security Management
A policy has been published to the ZESM agent with reporting enabled to show what files are copied from the hard drive to a removable storage device but the data is not being displayed in ZESM endpoint auditing.
- Publish a policy with the report âStorage Devices â Files Copied to Removable Deviceâ turned on.
- Copy a file from the machineâs hard drive to a USB device, in the example a file called âHDD to USB.doc"was copied from the desktop to a Lexar USB device.
- Depending on how reporting is setup it will take some time for the client machine to copy up the data to the server, In this example reporting is set to âGenerate Reports every 4 minutesâ
- The reports are not real time so it takes some time for the Distribution database and the Reporting database to sync, if you want to force the databases to sync stop the âNovell ZESM Distribution Server Agentâ, stop the âNovell ZESM Management Server Agentâ and start both services. Wait 5 minutes and than open the Management Console and view the endpoint auditing/Reporting.
- Expand out âOutbound Content Compliance"
- Select âRemovable Storage Activity by Accountâ
- Click the configure button, select a date range and click View
- The files copied from the hard drive to the USB device will also be displayed in the âRemovable Storage Activity by Deviceâ
- Open the report and double click on the location and the data will be displayed.