Hello,
I have a couple smb local as well as remote shares and I enabled "Audit file operations" for all of them plus enabled log level "Normal" for SMB service.
However I see entries in the "SMB/CIFS - Audit" log for password protected shares and no entries for shares with full open access to guests.
Is this as suppose to work ? I'd like to see similar information for shares with full open access to guests as well.
Thx