Modify an S3 auditing configuration

Contributors

If you want to modify the auditing parameters of individual buckets or the auditing configuration of an SVM, you must first disable auditing for the SVM, then run the appropriate modify commands.

About this task

When you modify audit configurations for buckets, you can choose to have the new values affect a single bucket or all the buckets selected for audit in that SVM.

When you modify audit configurations for SVMs, the new values affect all the buckets selected for audit in that SVM.

Procedure
  1. Disable S3 auditing:

    vserver object-store-server audit disable -vserver svm_name

  2. Modify the auditing configuration:

    If you want to modify the configuration for…​ Enter…​

    Buckets

    vserver object-store-server audit event-selector modify -vserver svm_name [-bucket bucket_name] [parameters to modify]

    SVMs

    vserver object-store-server audit modify -vserver svm_name [parameters to modify]

  3. Re-enable S3 auditing:

    vserver object-store-server audit enable -vserver svm_name

Examples

The following example modifies the bucket auditing configuration to audit only write-only access events:

cluster1::> vserver object-store-server audit event-selector modify -vserver vs1 -bucket test-bucket -access write-only

The following example modifies the SVM auditing configuration to change the log size limit to 10MB and to retain 3 log files before rotating.

cluster1::> vserver object-store-server audit modify -vserver vs1 -rotate-size 10MB -rotate-limit 3