The Novell Storage Services Client Logger (VLOG) utility can be used to audit user access to files on the DST shadow volume pair. You should see the following events in VLOG:
A directory has an instance on the primary volume and secondary volume. When a user performs an operation on a directory (such as open, close, create, delete, modify, or rename), you should see two entries in VLOG that record the separate action that occurs on each volume.
A file resides either on the primary volume or the secondary volume. When a user performs an operation on a file (such as open, close, create, delete, modify, or rename), you should see one entry in VLOG for the volume where the file currently resides.
DST managed movement of files between the primary volume and secondary volume is not captured in the audit log. For example, a DST policy moves a file from the primary volume to the secondary volume (or vice versa), or a file is shifted from the secondary volume to the primary volume based on the Last Accessed global policy.
To capture user access events in VLOG for the secondary volume, ensure that you do not enable the -b (blockNssEventsOfVol) option for the secondary volume. This option filters the output based on the volume name.