2011-02-18 04:04 AM
I am a Security Analyst and I was assigned to a storage project [NetApp], for which I need some information regarding logging.
Query: What is the difference between a NetApp filer and NetApp Data ONTAP? Do they generate the same type of logs or different types of logs?
If possible, can you give me the list of audit logs and their formats generated by the filer and ONTAP?
Any help would be really appreciated.
2011-02-18 04:14 AM
It also depends on whether you are interested in whole SAN security or only Data ONTAP security.
You may also want to try: TR-3649 Best Practices for Secure Configuration of Data ONTAP 7G
2011-02-21 09:29 PM
One more query: is the log format the same as the filer O/P in Data ONTAP?
Log Format for Messages

<PRI> <TIME> ' ' <MESG> '[' <MDATA> ' ' <SIG> ' ']

| Field | Description |
|---|---|
| <[EVENT:> | Event Name which is Event ID |
| <:Severity]> | Severity is categories like emerg, alert, crit, err, warning, notice, info, debug |
| <MSG> | Details About Message |

Log Format of adtlog.evt

DATE | TIME | Event ID | Operation Outcome | Number of seconds of duplicated events | Filer Name | Number of duplicate events detected | Protocol used | User | Object | Access Code

| Field | Description |
|---|---|
| <Event ID> | Event ID (540, 538, 560); supports Windows Event IDs |
| <Operation Outcome> | Operation Details (Success or Failure) |
| <Number of seconds of duplicated events> | Number |
| <Filer Name> | Filer Name (Data) |
| <Number of duplicate events detected> | Number |
| <Protocol used> | Protocol Used (Unknown, CIFS, NFS, HTTP) |
| <User> | User Name (administrator, petemo) |
| <Object> | Object Details, e.g. (\vol\vol0\etc\lclgroups.cfg) |
| <Access Code> | (Read:Read Attributes) |
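
A sketch of how an analyst might triage the message log by the severity categories listed in the post above; this is an added example, not part of the original thread and not NetApp code. The line layout `<TIME> [<EVENT>:<severity>]: <MSG>`, the event names and the sample lines are assumptions constructed for illustration.

```python
import re

# Severity names as listed in the post, most severe first.
SEVERITIES = ["emerg", "alert", "crit", "err", "warning", "notice", "info", "debug"]

# Assumed layout (not confirmed by the thread): <TIME> [<EVENT>:<severity>]: <MSG>
LINE_RE = re.compile(
    r"^(?P<time>.*?)\s*\[(?P<event>[^\[\]:\s]+):(?P<severity>[A-Za-z]+)\]:?\s*(?P<msg>.*)$"
)

# Constructed sample input; event names are hypothetical.
SAMPLE = """\
Fri Feb 18 04:04:10 GMT [example.login.failed:warning]: constructed sample: login failed for user petemo
Fri Feb 18 04:05:00 GMT [example.disk.scrub:info]: constructed sample: scrub finished
Fri Feb 18 04:06:30 GMT [example.auth.locked:ERR]: constructed sample: account locked
this line does not match the assumed layout
"""


def parse_line(line):
    """Split one message line into time, event, severity and msg, or return None."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    severity = m.group("severity").lower()
    if severity not in SEVERITIES:
        return None  # unknown severity: treat as unparsed rather than guess
    return {
        "time": m.group("time"),
        "event": m.group("event"),
        "severity": severity,
        "msg": m.group("msg"),
    }


def triage(text, threshold="warning"):
    """Return (records at or above threshold, lines that could not be parsed)."""
    limit = SEVERITIES.index(threshold)
    hits, unparsed = [], []
    for line in text.splitlines():
        if not line.strip():
            continue
        record = parse_line(line)
        if record is None:
            unparsed.append(line)  # keep for review instead of silently dropping
        elif SEVERITIES.index(record["severity"]) <= limit:
            hits.append(record)
    return hits, unparsed
```

Lines that do not parse are returned separately so that a format change on the filer shows up as a growing unparsed count rather than as missing alerts.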