ONTAP Discussions

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

ONTAP Discussions

Ask a Question

Access logs audit

SVHO
yesterday
46 Views

 

We would like to start looking at certain shares regarding access,  modify, deletion the files.  The logs should contain one month of data.  Can this be done?

 

Also, we have a IBM SIEM which the logs could be sent to.   We are on the following version: NetApp Release 9.14.1P6

 

Thanks,

TT

 

 

 

0 Kudos
1 REPLY 1

chamfer
57m ago
3 Views

Hi @SVHO (TT),

 

I would start my reading the documents here Learn about auditing file access using ONTAP for both the SMB and NFS protocols .  NAS auditing will meet your requirements for share access, modify, deletion.

 

Sending NAS logging data to your SIEM needs to be done via a 3rd party collector, NetApp ONTAP cannot send it directly.  I would say that this is by design to reduce computational load on the NetApp, plus your 3rd party collector can do logging transform before you send it.

 

I hope that this helps. 

0 Kudos
Announcements
All Community Forums
Public