Which logs contain File Deletion info

A bunch of new modified files were recently deleted from a shared workarea w/in a single branch. How can I find out who did this ?

Find more posts tagged with

Comments

Garth McMillan

TeamSite\local\logs\iwevents.log should list all the user activity events.

rob_liem

I tried that file, and I don't see any deletion event. What would the event be named ?

Garth McMillan

I think it should be DestroyFSE.

rob_liem

Sorry, no such event. Would this have do w/ how verbose the logging should be ? How would I setup the log file to be more verbose ?

nipper

Sorry, no such event. Would this have do w/ how verbose the logging should be ? How would I setup the log file to be more verbose ?

If they were deleted before the were submitted, you are SOL. That is a training issue. DestoryFSE would be the one if it was being versioned.

rob_liem

I thought so. So, here's a related question. W/o being too restrictive i.e. file_default_perm set to 644, how can you setup file permission so that noone else from your group can delete it ?

Adam Stoller

I thought so. So, here's a related question. W/o being too restrictive i.e. file_default_perm set to 644, how can you setup file permission so that noone else from your group can delete it ?

Modify the UI and remove the OOTB Delete menu and, optionally, add in your own custom Delete menu that performs some cursory checks before allowing the operation to go through.

rob_liem

Is there a way to show the "delete" option for specific UIDs w/o going completely custom ?

Adam Stoller

Is there a way to show the "delete" option for specific UIDs w/o going completely custom ?

Not really.
You can enabled / disable the Delete option by role (operation: DeleteFilesAndFolders) - and you can then add certain userids to those roles - and then they won't have the ability to delete files and folders.

Alternatively, you create your own custom UI that checks users against some custom configuration file and, if they pass muster, you call the OOTB delete URI for the file (or just use a standard OS CLT).