Ransomware attackers specifically target and attempt to destroy backup systems to increase the probability of payment. Hardening your system is critical. Please ensure you have reviewed your platform security using the Security Hardening Checklist
Cohesity

COHESITY Documentation

Explore our documentation to get started, discover products & new features, access troubleshooting guides, register sources, platforms support.

Products
Data Security Alliance
Visit Cohesity.com
Demos
Support
Blogs
Developers
Partner Portals
Cohesity Community
© 2026 Cohesity, Inc. All Rights Reserved.
Terms of Use|
Privacy Policy|
Legal|
  1. Home
  3. NetBackup™ Security and Encryption Guide
  5. Section I. Identity and access management
  7. Enhanced Auditing
  9. About Enhanced Auditing
NetBackup™ Security and Encryption Guide

About Enhanced Auditing

With Enhanced Auditing, NetBackup administrators can delegate NetBackup administrator privileges to other designated users. The feature thus allows non-root users to administer NetBackup. The audit logs capture information about the actual user who makes changes to the NetBackup environment. Enhanced Auditing helps organizations track key information about the user activity that is important for audit compliance requirements. In particular, it is a feature that customers in highly regulated industries find useful.

Enhanced Auditing is not supported on NetBackup Appliances, NetBackup Flex Scale, and Flex Appliances.

Note:

Any authorization failure is also audited with Enhanced Auditing.

By default, only a root or administrator can perform NetBackup operations through the command-line interface. However, with NetBackup configured for Enhanced Auditing and with the right NetBackup Administrator privileges, users can perform NetBackup operations through the command-line interface. Enhanced Auditing provides coarse access control where the user is either an administrator or not one.

Note:

NBAC and Enhanced Auditing are mutually exclusive features.

Note:

For now, Enhanced Auditing support is available for user operations such as NetBackup Policies, Jobs, Storage Units, Disk Pools, Storage Servers, Catalogs, and Host Properties, certificate deployment, and token generation.

The following table lists the commands where user actions are audited with Enhanced Auditing:

Table: Commands and categories supported for Enhanced Auditing

Category

Commands

Policy

bpplcatdrinfo, bpplclients, bppldelete, bpplinclude, bpplinfo, bppllist, bpplsched, bpplschedrep, bpplschedwin, bpplvalid, bppolicynew

Jobs

bpdbjobs

Storage Unit

bpstuadd, bpstuddel, bpsturep, bpstulist

Disk Pool

nbdevconfig and nbdevquery

Storage Servers

nbdevconfig and nbdevquery

Catalogs

bpexpdate, bpcatlist, bpimmedia, bpimagelist, bpverify, and nbdeployutil

Host Properties

bpconfig, bpsetconfig, bpgetconfig, nbsetconfig, nbgetconfig, and nbemmcmd

Security tokens

createToken, deleteToken, and cleanupToken

Certificates

getCertificate, revokeCertificate, signCertificate, and renewCertificate

Feedback

Was this page helpful?
Previous

Enhanced Auditing

Next

Enabling Enhanced Auditing

Feedback

Was this page helpful?