HP X9320 Guide de l'utilisateur télécharger pdf (Page 12)

ibrix_audit_reports

Generates audit reports.

Description

The ibrix_audit_reports command generates reports for events stored in an Express Query

database’s audit log tables for a given file system. You can select the types of events you want to

include in the report, and you can specify a start and end date for the report.

Synopsis

Generate an audit report:

ibrix_audit_reports -t SORT_ORDER -f FILESYSTEM [-p PATH] [-b BEGIN_DATE]

[-e END_DATE] [-o class1[,class2,...]]

Generates an audit report. The report output file is stored in the file system to which it applies, in

the directory <mountpoints>/.archiving/reports. The file name has the pattern

audit_report_for_<file_system_name>_type_<report type>_at_<integer epoch

timestamp>.csvThe file is in a comma-separated value (CSV) format with a header row.

The -t option specifies the sort order of the report, where SORT_ORDER is one of the following:

• time — lists all events ordered by timestamp

• path — lists all file events ordered by pathname

The -o option specifies the classes of events to be included in the report. (See “Audit events,” later

in this section, for the supported events.) Enter all to include all events.

The following example provides a chronological event history of the ibrixfs1 file system. The

event list includes all events from 01/17/2011 (because no time is supplied, the report starts at

00:00:00) to 01/17/2011 at 10:30.

ibrix_audit_reports -t time -f ibrixfs1 -o all -b "01/17/2011" -e

"01/17/2011 10:30"

The next example provides a chronological event history of the file /logs/secret.txt in the

ibrixfs1 file system. The event list includes only the file_created and report_ended

events.

ibrix_audit_reports -t path -f ibrixfs1 -p /logs/secret.txt -o

file_created,report_ended

Set the expiration policy for audit reports on a file system:

ibrix_audit_reports -s POLICY -f FILESYSTEM

The POLICY is one of the following:

• forever — audit reports are not deleted from the file system

• xxD — audit reports are kept for the specified number of days (for example, 90D specifies

that reports should be kept for 90 days)

• xxM — audit reports are kept for the specified number of months

• xxY — audit reports are kept for the specified number of years

Display the current expiration policy for a file system or all file systems:

ibrix_audit_reports -g [-f FILESYSTEM]

Set the global audit report expiration schedule of a file system:

ibrix_audit_reports -y SCHEDULE -f FILESYSTEM

Sets the global audit report expiration schedule for a file system (the time at which report output

files stored in the file system at <mountpoint>/.archiving/reports will be deleted from

12 StoreAll software commands

1 2 ... 7 8 9 10 11 12 13 14 15 16 17 ... 197 198

Commentaires sur ces manuels

Pas de commentaire

HP X9320 Guide de l'utilisateur Page 12

Commentaires sur ces manuels

Produits connexes et manuels pour Logiciel HP X9320