Protocol auditing is available for recording SMB, NFSv4.1, NFSv3 and S3 operations performed by clients on the VAST Cluster.
Audit records report the time each operation was performed, identity attributes of the client user, the type of operation requested, the path accessed, affected files, directories or objects, and the success of the operation. Protocol auditing provides you with a way to understand exactly what your users did on the storage system. The audit information is delivered in structured JSON format. You can use the information to analyze user data consumption and to automate and validate security reviews.
A global auditing policy sets global configuration settings such as the name of the audit directory, audit file size limit and so on. It also determines which protocols and operations are audited on all views. You can also configure an audit policy within each view policy which specifies additional actions and protocols to record for the views attached to the view policy.
Important
Protocol auditing configuration at the view policy level can only extend auditing beyond the global configuration. It cannot decrease the auditing scope from the global configuration.
Comments
0 comments
Article is closed for comments.