The audit share is automatically enabled as a read-only share.
Before you begin
- You must have the Passwords.txt file with the root/admin password (available in the SAID package).
- You must have the Configuration.txt file (available in the SAID package).
- The audit client must be using NFS Version 3 (NFSv3).
About this task
Perform this procedure for each Admin Node in a
StorageGRID deployment from which you want to retrieve audit messages.
Procedure
- From the service laptop, log in to the primary Admin Node:
- Enter the following command: ssh admin@primary_Admin_Node_IP
- Enter the password listed in the Passwords.txt file.
- Enter the following command to switch to root: su -
- Enter the password listed in the Passwords.txt file.
When you are logged in as root, the prompt changes from $ to #.
- Confirm that all services have a state of Running or Verified. Enter: storagegrid-status
If any services are not listed as Running or Verified, resolve issues before continuing.
- Return to the command line, press Ctrl+C.
- Start the NFS configuration utility. Enter: config_nfs.rb
-----------------------------------------------------------------
| Shares | Clients | Config |
-----------------------------------------------------------------
| add-audit-share | add-ip-to-share | validate-config |
| enable-disable-share | remove-ip-from-share | refresh-config |
| | | help |
| | | exit |
-----------------------------------------------------------------
- Add the audit client: add-audit-share
- When prompted, enter the audit client’s IP address or IP address range for the audit share: client_IP_address
- When prompted, press Enter.
- If more than one audit client is permitted to access the audit share, add the IP address of the additional user: add-ip-to-share
- Enter the number of the audit share: audit_share_number
- When prompted, enter the audit client’s IP address or IP address range for the audit share: client_IP_address
- When prompted, press Enter.
The NFS configuration utility is displayed.
- Repeat step 6 for each additional audit client that has access to the audit share.
- Optionally, verify your configuration.
- Enter the following: validate-config
The services are checked and displayed.
- When prompted, press Enter.
The NFS configuration utility is displayed.
- Close the NFS configuration utility: exit
- Determine if you must enable audit shares at other sites.
- If the StorageGRID deployment is a single site, go to step 9.
- If the StorageGRID deployment includes Admin Nodes at other sites, enable these audit shares as required:
- Remotely log in to the site’s Admin Node:
- Enter the following command: ssh admin@grid_node_IP
- Enter the password listed in the Passwords.txt file.
- Enter the following command to switch to root: su -
- Enter the password listed in the Passwords.txt file.
- Repeat steps 4 through 7.c to configure the audit shares for each additional Admin Node.
- Close the remote secure shell login to the remote Admin Node. Enter: exit
- Log out of the command shell: exit
NFS audit clients are granted access to an audit share based on their IP address. Grant access to the audit share to a new NFS audit client by adding its IP address to the share, or remove an existing audit client by removing its IP address.