Network and Storage Protocols

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Network and Storage Protocols

Ask a Question

Native DOT options to enable NTFS share-level auditing of users

aachleman5
‎2011-02-02 09:26 AM
4,113 Views

Is there an option setting, session command switch or performance metric to measure CIFS share session usage on a per-user basis, for the purpose of setting specific user access levels?

0 Kudos
View By:
Tags (2)
5 REPLIES 5

ekashpureff
‎2011-02-02 11:28 AM
4,113 Views

Are you trying to audit the file access, monitor disk space usage, or bandwidth ?

All three can be done with Data ONTAP.

To file access see the 'cifs.audit' family of option settings, and the 'cifs audit' command.

For disk space usage see the 'quota' command and the /etc/quotas configuration file.

To monitor bandwidth usage see the 'cifs top' command with 'options cifs.per_client_stats.enable'.

Be aware that this can be a performance hit - you don't want to leave cifs.per_client_stats.enable turned on.


I hope this response has been helpful to you.


At your service,

Eugene E. Kashpureff
ekashp@kashpureff.org
Senior Systems Architect / NetApp Certified Instructor
http://www.linkedin.com/in/eugenekashpureff


(P.S. I appreciate points for helpful or correct answers.)



0 Kudos

paulcummings
‎2011-02-03 06:26 PM
In response to ekashpureff
4,113 Views

actually,  I'm wondering if cifs auditing can basically produce the output of,  or something close to:

          "cifs conections *  ":

... in a running logfile?

I guess I could always run an rsh script

froma unix box to run several times an hour for a few days to see what users are connecting to my

cifs   but i was just wondering if the cifs auditing features could capture this same information?

thanks.

0 Kudos

ekashpureff
‎2011-02-04 10:27 AM
In response to paulcummings
4,113 Views

Paul -

Yes, you can get audit records of clients connecting to shares.

See cifs.audit.logon_events.enable and the definitions of the other cifs.audit option settings.


I hope this response has been helpful to you.


At your service,

Eugene E. Kashpureff
ekashp@kashpureff.org
Senior Systems Architect / NetApp Certified Instructor
http://www.linkedin.com/in/eugenekashpureff


(P.S. I appreciate points for helpful or correct answers.)


0 Kudos

paulcummings
‎2011-02-07 03:05 PM
In response to ekashpureff
4,113 Views

had a typo in my last message. that should have read:

     cifs sessions *

wondering if the auditing options is capable of producing the same output as "cifs sessions *"

0 Kudos

paulcummings
‎2011-02-07 03:16 PM
In response to ekashpureff
4,113 Views

it looks like cifs.audit.login_events.enable and 'cifs top' don't tell you what cifs share they are hitting.  it tells you the IP address of the client and the domain\username of the client, reads/writes, etc - but share name is not listed.

0 Kudos
Announcements
All Community Forums
Public