The auditing framework helps you to monitor the authentication process and track any changes that occur to the configuration parameters of the server. Details of any changes that occur are recorded in the /var/log/audit/audit.log file. The audit daemon keeps track of the changes to the audit.log file.
Auditing is disabled by default in OES 2 SP3.
However, if it is enabled, you can disable Audit configuration option in /etc/opt/novell/afptcpd/afptcpd.conf file manually or through iManager.
When the auditing option is enabled, the AFP server reports changes for the following events:
AFP user login and logout events
Changes to the configuration parameters of the following files: