[gpfsug-discuss] Re Auditing

Oesterlin, Robert Mon, 31 Jul 2017 11:02:57 -0700

We run a policy that looks like this:

-- cut here --
      define(daysToEpoch, days(timestamp('1970-01-01 00:00:00.0')))
      define(unixTS,
               char(int(
                 (( days(\$1) - daysToEpoch ) * 86400) +
                 (  hour(\$1) * 3600) +
                 (minute(\$1) * 60) +
                 (second(\$1))
               ))
            )


      rule 'dumpall' list '"$filesystem"' DIRECTORIES_PLUS
      SHOW(                                      '|' ||
            varchar(user_id)                  || '|' ||
            varchar(group_id)                 || '|' ||
            char(mode)                        || '|' ||
            varchar(file_size)                || '|' ||
            varchar(kb_allocated)             || '|' ||
            varchar(nlink)                    || '|' ||
            unixTS(access_time,19)            || '|' ||
            unixTS(modification_time)         || '|' ||
            unixTS(creation_time)             || '|' ||
            char(misc_attributes,1)           || '|'
          )
-- cut here --


Bob Oesterlin
Sr Principal Storage Engineer, Nuance




From: <[email protected]> on behalf of Mark Bush 
<[email protected]>
Reply-To: gpfsug main discussion list <[email protected]>
Date: Monday, July 31, 2017 at 12:31 PM
To: "[email protected]" <[email protected]>
Subject: [EXTERNAL] [gpfsug-discuss] Auditing

Does someone already have a policy that can extract typical file audit items 
(user_id, last written, opened/accessed, modified, deleted, etc)?  Am I barking 
up the wrong tree for this is there a better way to get this type of data from 
a Spectrum Scale filesystem?

_______________________________________________
gpfsug-discuss mailing list
gpfsug-discuss at spectrumscale.org
http://gpfsug.org/mailman/listinfo/gpfsug-discuss

[gpfsug-discuss] Re Auditing

Reply via email to