File Access Auditing on VNX for File (CIFS/NFS)

Hi Gareth,

currently the only way to do NFS auditing is through the VNX Event Enabler API – see the “Using VNX™ Event Enabler” manual.

It’s a programmatic API – not something that you can just use with the CLI.

We have partners like Varonis that have integrated with it for NFS auditing.

Rainer

Please see the CIFS manual

For CIFS auditing we work exactly like a Windows server – you can get the auditing events in an .evt file that is compatible with Windows Event Viewer – not a text file

Or with the VEE API

What about just CIFS servers? Is there a simple way to get the data in a txt file etc. I already have a system capable of processing this kind of data.

Regards,

Gareth

Have you found people reporting problems with not being able to point splunk at CIFS servers for event logs?

No change there in terms of CIFS audit log access

Hi  there ... not sure about splunk business .... sorry ....

NOW my question is ......  Codes has been upgraded since April 2013 ....does anybody know Audit log situation

has not been changed since then?

My customer wants to use CLI to get audit log from CS ... can he ?

thanks

aya

hi

thank you for the info!

Still Audit log in CIFS is available only from MMC ..

You should be able to use Windows command line tools as well or 3rd party products that access the security.evt via CIFS