Monday, September 10, 2012

Enabling CIFS Auditing on NetApp

Connect NetApp by using SSH or Telnet as a root and execute the command below on each controller;


options cifs.audit.enable on

options cifs.audit.liveview.enable on 

 (When Live View is enabled, an Access Logging Facility (ALF) daemon runs once a minute, flushing audit events from memory to the internal log file
/etc/log/cifsaudit.alf on disk. The ALF daemon also attempts to save and convert
ALF records to EVT records that can be viewed by Event Viewer. It does so
either once every minute, or when the .alf file becomes 75 percent full)

No comments:

Post a Comment

 
span.fullpost {display:inline;}