Changes to audit logging in ONTAP 9
-
PDF of this doc site
- Cluster administration
-
Volume administration
-
Logical storage management with the CLI
-
Logical storage management with the CLI
-
NAS storage management
-
Configure NFS with the CLI
-
Manage NFS with the CLI
-
Manage SMB with the CLI
- Manage file access using SMB
-
Configure NFS with the CLI
- Security and data encryption
-
Data protection and disaster recovery
Collection of separate PDF docs
Creating your file...
Beginning with ONTAP 9, the command-history.log
file is replaced by audit.log
, and the mgwd.log
file no longer contains audit information. If you are upgrading to ONTAP 9, you should review any scripts or tools that refer to the legacy files and their contents.
After upgrade to ONTAP 9, existing command-history.log
files are preserved. They are rotated out (deleted) as new audit.log
files are rotated in (created).
Tools and scripts that check the command-history.log
file might continue to work, because a soft link from command-history.log
to audit.log
is created at upgrade. However, tools and scripts that check the mgwd.log
file will fail, because that file no longer contains audit information.
In addition, audit logs in ONTAP 9 and later no longer include the following entries because they are not considered useful and cause unnecessary logging activity:
-
Internal commands run by ONTAP (that is, where username=root)
-
Command aliases (separately from the command they point to)
Beginning with ONTAP 9, you can transmit the audit logs securely to external destinations using the TCP and TLS protocols.