Configuration Settings for EMC Isilon Auditing

Configure the following audit settings on EMC Isilon nodes.

  1. Connect any one of the Isilon nodes using SSH Client
    1. Open syslog.conf file in the /etc/mcp/templates directory
    2. Add the following entry
      1. *.* @<hostname/IP Address of the AdAuditPlus server> after the "!audit_protocol" line
    3. Enable syslog forwarding for the zone to be audited by executing the following command
      1. on OneFS version 7.x isi zone zones modify <zonename> --syslog-forwarding-enabled=yes --syslog-audit-events=all
      2. on OneFS version 8.x isi audit settings modify --syslog-forwarding-enabled=yes --syslog-audit-events=all --zone=<zonename>

Steps to configure in ADAudit Plus.

  1. Login into ADAudit Plus.
  2. Goto File Audit tab -> Configured Server -> EMC Isilon.
  3. Configure the Isilon cluster with the wizard available (Note: Provide an administrative credential for audit).
  4. Goto Admin -> General Settings -> Connection.
  5. Check "Current Syslog Status" is "On".
Copyright © 2019, ZOHO Corp. All Rights Reserved.
Get download link