question

BenmehidiHamzaTICSTI-3379 avatar image
0 Votes"
BenmehidiHamzaTICSTI-3379 asked bharathn-msft edited

Diagnostic logs and Azure File Share

Is there a way to have the userID (or UserSID or anything that could help identify a user) on an SMB event like create or delete ? it seems thats there are 2 kind of SMB events :
- events (like create or delete) that have a USERSID but the URI points to the file share root (\\stoaccount.file.core.windows.net\nameshare)
- events (like create or delete) that don't have any informations related to the events but have a correct URI (\\stoaccount.file.core.windows.net\nameshare\nameoffile)

i tried solving this issue with the support team but they didn't found a solution to this question , we could'nt even know what the first category of events refer to. which means right now we can't use the log activities as we will miss things or misunderstand events . do anyone use Azure Diag logs on azure file ? it's a critical point for our migration (as we have audit logs on-premise)



azure-files
· 2
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

@BenmehidiHamzaTICSTI-3379 Firstly, apologies for the delay in responding here and any inconvenience this issue may have caused.

Can you share the case ID, let me check what all troubleshooting steps they have performed on this issue?

0 Votes 0 ·

@BenmehidiHamzaTICSTI-3379 Just checking in to see if you have had a chance to see the previous response. Could you share the above required information to understand/investigate this issue further?

0 Votes 0 ·

0 Answers