After adding rules to stop all users from accessing a folder with a file rule we are still seeing all users have access.
editres FILE ('/apps/ta_uat_pri/uat1/stage/*') audit(ALL) defaccess(NONE) warning owner('ownername')
seaudit shows
Mar 2021 18:55:39 W FILE user1 Chdir 202 4 /apps/ta_uat_pri/uat1/stage/in/vbsbulked/post_ack /usr/bin/ksh 10.189.135.113 (OS user) user1
seaudit table shows
error code is 202 Resource in WARNING mode
Release : 12.8
Component : CA ControlMinder
The seaudit shows this error with a warning only. This is the correct behavior for a warning
If you remove "warning" from this rule then this user would have been denied
editres FILE ('/apps/ta_uat_pri/uat1/stage/*') audit(ALL) defaccess(NONE) warning owner('ownername')