I have the below command to create a policy for audit logging.
vserver audit create -vserver <vserver name> -destination <Unix Path> -rotate-schedule-minute <minute of the hour> -rotate-limit <no.of log files>
What is the destination here ?
its says <unix Path> but what exactly is a unix path?
In our system we have CIFS protocol licensing only. Therefore I cannot create a nfs export to facilitate a unix path.
can you please guide me?
Also do you guys have something like a general case, sample command in use for the above?
See The Solution
For Clustered Data ONTAP 8.3 CIFS and NFS Auditing Guide refer https://library.netapp.com/ecm/ecm_download_file/ECMLP2426796
The UNIX path is just a path within your name space. I recommend creating a new volume (and a qtree if required) for storing the audit logs.
I implemented audit logging for a customer a few weeks ago, here are the steps:
The following links might be useful:
How to set up CIFS auditing with clustered Data ONTAP
Clustered Data ONTAP CIFS Auditing Quick Start Guide
I hope this helps!
View solution in original post