Storage API PowerShell SDK SACL Auditing Events

Hello stevef122,
I use PowerShell ISE so I can look for key words from the DellStorage.ApiCommandSet. I have also scripted the Help Files for each command in API to be able to look at options:

Import-Module "C:\API\DellStoragePowerShellSDK-4.1.0.47\DellStorage.ApiCommandSet.psd1"
$user = " "
$em = " "
$pass = ConvertTo-SecureString "" -AsPlainText -Force
$conn = Connect-DellApiConnection -HostName $em -User $user -password $pass
$CMD = Get-Command -Module DellStorage.ApiCommandSet

foreach ($line in $CMD)
{
Write Host $line
$line | %{Get-Help $_.Name -Detailed} | Out-File C:\API\4.1.0.47_help\$line.txt
}

I have also found I can search the directory for key words.

I show 3 commands that may be useful for you:
NAME     New-DellFluidFsAuditServer
SYNOPSIS     File access notification subscriber settings for auditing
SYNTAX    FluidFsAuditServer -Hostname -Status [ ]

NAME    New-DellFluidFsSmbShareSecurityDescriptorSacl
SYNOPSIS    Security access control list

NAME    Get-DellFluidFsFileAccessNotificationSubscriber

Unfortunately I do not have access to an FS8600 currently so I cannot test this myself. Please let me know if this answers your query.

Thanks Bob. Unfortunately they did not help. So far, all I've found is the Get-DellFluidFsClusterEmEvent cmdlet, which dumped the cluster events, but the SACL auditing events were not included in its output.

# Creating filter
$filter = [DellStorage.Api.Enums.FilterTimeEnum] "other"
#DellScVolumeHistoricalIoUsage -Instance $volume.InstanceId -HistoricalFilter $filter

$startdate = (Get-Date).AddHours(-24)

$finishdate = (get-date)

$lasthour = New-DellHistoricalFilter -FilterTime $filter -StartTime $startdate -EndTime $finishdate

Get-DellFluidFsClusterEmEvent -Instance "your cluster instanceID" -HistoricalFilter $lasthour -Severity 1