Accessing the audit log file

The audit share contains the active audit.log file and any compressed audit log files. For easy access to audit logs, you can configure client access to audit shares for both NFS and CIFS (deprecated). You can also access audit log files directly from the command line of the Admin Node.

Before you begin

Steps

  1. Log in to an Admin Node:
    1. Enter the following command: ssh admin@Admin_Node_IP
    2. Enter the password listed in the Passwords.txt file.
    3. Enter the following command to switch to root: su -
    4. Enter the password listed in the Passwords.txt file.
      When you are logged in as root, the prompt changes from $ to #.
  2. Go to the directory containing the audit log files: cd /var/local/audit/export
  3. View the current or a saved audit log file, as required.