[gpfsug-discuss] Re Auditing

Mark Bush Mark.Bush at siriuscom.com
Mon Jul 31 19:05:37 BST 2017 

Brilliant.  Thanks Bob.

From: Oesterlin, Robert [mailto:Robert.Oesterlin at nuance.com]
Sent: Monday, July 31, 2017 1:03 PM
To: gpfsug main discussion list <gpfsug-discuss at spectrumscale.org>
Subject: [gpfsug-discuss] Re Auditing

We run a policy that looks like this:

-- cut here --
      define(daysToEpoch, days(timestamp('1970-01-01 00:00:00.0')))
      define(unixTS,
               char(int(
                 (( days(\$1) - daysToEpoch ) * 86400) +
                 (  hour(\$1) * 3600) +
                 (minute(\$1) * 60) +
                 (second(\$1))
               ))
            )

      rule 'dumpall' list '"$filesystem"' DIRECTORIES_PLUS
      SHOW(                                      '|' ||
            varchar(user_id)                  || '|' ||
            varchar(group_id)                 || '|' ||
            char(mode)                        || '|' ||
            varchar(file_size)                || '|' ||
            varchar(kb_allocated)             || '|' ||
            varchar(nlink)                    || '|' ||
            unixTS(access_time,19)            || '|' ||
            unixTS(modification_time)         || '|' ||
            unixTS(creation_time)             || '|' ||
            char(misc_attributes,1)           || '|'
          )
-- cut here --


Bob Oesterlin
Sr Principal Storage Engineer, Nuance



From: <gpfsug-discuss-bounces at spectrumscale.org<mailto:gpfsug-discuss-bounces at spectrumscale.org>> on behalf of Mark Bush <Mark.Bush at siriuscom.com<mailto:Mark.Bush at siriuscom.com>>
Reply-To: gpfsug main discussion list <gpfsug-discuss at spectrumscale.org<mailto:gpfsug-discuss at spectrumscale.org>>
Date: Monday, July 31, 2017 at 12:31 PM
To: "gpfsug-discuss at spectrumscale.org<mailto:gpfsug-discuss at spectrumscale.org>" <gpfsug-discuss at spectrumscale.org<mailto:gpfsug-discuss at spectrumscale.org>>
Subject: [EXTERNAL] [gpfsug-discuss] Auditing

Does someone already have a policy that can extract typical file audit items (user_id, last written, opened/accessed, modified, deleted, etc)?  Am I barking up the wrong tree for this is there a better way to get this type of data from a Spectrum Scale filesystem?


This message (including any attachments) is intended only for the use of the individual or entity to which it is addressed and may contain information that is non-public, proprietary, privileged, confidential, and exempt from disclosure under applicable law. If you are not the intended recipient, you are hereby notified that any use, dissemination, distribution, or copying of this communication is strictly prohibited. This message may be viewed by parties at Sirius Computer Solutions other than those named in the message header. This message does not contain an official representation of Sirius Computer Solutions. If you have received this communication in error, notify Sirius Computer Solutions immediately and (i) destroy this message if a facsimile or (ii) delete this message immediately if this is an electronic communication. Thank you.

Sirius Computer Solutions<http://www.siriuscom.com>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://gpfsug.org/pipermail/gpfsug-discuss_gpfsug.org/attachments/20170731/421667a8/attachment.htm>

More information about the gpfsug-discuss mailing list