The audit share contains the active audit.log file and any compressed audit log files. For easy access to audit logs, you can configure client access to audit shares for both NFS and CIFS (deprecated). You can also access audit log files directly from the command line of the Admin Node.
Before you begin
- You must be a StorageGRID administrator with specific access permissions.
- You must have the Passwords.txt file. This file is included in the
Recovery Package
.zip
file.
- You must know the IP address of an Admin Node.
Steps
- Log in to an Admin Node:
- Enter the following command: ssh admin@Admin_Node_IP
- Enter the password listed in the Passwords.txt file.
- Enter the following command to switch to root: su -
- Enter the password listed in the Passwords.txt file.
When you are logged in as root, the prompt changes from $ to #.
- Go to the directory containing the audit log files: cd /var/local/audit/export
- View the current or a saved audit log file, as required.