File Transfer Auditing

You can use audit logging to maintain a record of file transfer activity. Audit logging is not enabled by default.

To enable file transfer auditing

  1. Go to Configuration > Logging > Audit Logging.
  2. Select Enable file transfer auditing.
  3. Save your settings (File > Save Settings).

When audit logging is enabled, Reflection for Secure IT creates a new log each day in the specified Audit log directory. Audit logs use this name format: RSSHD-Audit-YYYYMMDD.log, where YYYYMMDD indicates the date.

To view the audit log quickly from the server console use the audit log file toolbar button:
Event viewer button

Log files are created in comma-delimited format. The first line of the audit log file, shown here, identifies the logged content:

UserID, ClientIP, Action, ServerFilename, StartTime, EndTime, ServerFileModificationTime, ServerFileSize, BytesTransferred, Result, Reason, ServerFileHash

 

Notes:

  • The server logs sftp and scp transfers.
  • When Allow smart copy & resume is enabled (the default), the server may not create an audit record when the client and server files are identical. To ensure that transfers of identical files create an audit record, go to the Permissions pane and clear Allow smart copy & resume.

Related Topics

Audit Logging Pane