|
Manual Configuration of Audit Policy and SACLs for NetApp Filers
Configuring the Audit Policy
Configuring the SACLs for NetApp Shares
The NetApp Filer command prompt is accessible through SSH/Telnet connection (Verify your NetApp Filer settings), or via the web interface. To access it via the web interface, open NetApp Filer GUI, and navigate to FilerView > Filer > Use Command Line:
Perform the basic configuration commands
- To get an option value:
options < option_name >
- To set an option value:
options < option_name > < option_value >
For example, to enable the cifs.audit.enable option, execute the following command
options cifs.audit.enable on
Note: For a full list of commands along with their desccriptions, please refer to NetApp reference document.
Certain pre-requisites for the audit options have to be enabled to generate the file audit events and automatically capture the events as EVT files.
options cifs.audit.account_mgmt_events.enable off
options cifs.audit.logon_evetns.enable off
options cifs.audit.liveview.enable off
options cifs.audit.enable on
options cifs.audit.file_access_events.enable on
options cifs.audit.autosave.file.extension timestamp
options cifs.audit.autosave.file.limit 10
options cifs.audit.autosave.onsize.enable on
options cifs.audit.autosave.onsize.threshold 100%
options cifs.audit.autosave.ontime.enable off
options cifs.audit.logsize 268435456
Also, you must disable the cifs.audit.liveview.enable option, since it interferes with the ADAudit Plus's processing the audit data.
|
|