Skip to main content

Changing audit message levels

Contributors netapp-lhalbert
PDFs

You can adjust audit levels to increase or decrease the number of audit messages recorded in the audit log for each audit message category.

What you'll need

  • You must be signed in to the Grid Manager using a supported browser.

  • You must have specific access permissions.

About this task

The audit messages recorded in the audit log are filtered based on the settings on the Configuration > Monitoring > Audit page.

You can set a different audit level for each of the following categories of messages:

  • System: By default, this level is set to Normal.

  • Storage: By default, this level is set to Error.

  • Management: By default, this level is set to Normal.

  • Client Reads: By default, this level is set to Normal.

  • Client Writes: By default, this level is set to Normal.

Note These defaults apply if you initially installed StorageGRID using version 10.3 or later. If you have upgraded from an earlier version of StorageGRID, the default for all categories is set to Normal.
Note During upgrades, audit level configurations will not be effective immediately.
Steps

  1. Select Configuration > Monitoring > Audit.

    screen shot of Configuration > Audit

  2. For each category of audit message, select an audit level from the drop-down list:

    Audit level Description

    Off

    No audit messages from the category are logged.

    Error

    Only error messages are logged—​audit messages for which the result code was not "successful" (SUCS).

    Normal

    Standard transactional messages are logged—​the messages listed in these instructions for the category.

    Debug

    Deprecated. This level behaves the same as the Normal audit level.

    The messages included for any particular level include those that would be logged at the higher levels. For example, the Normal level includes all of the Error messages.

  3. Under Audit Protocol Headers, enter the name of the HTTP request headers to be included in Client Read and Client Write audit messages. Use an asterisk (*) as a wildcard, or use the escape sequence (\*) as a literal asterisk. Click the plus sign to create a list of header name fields.

    Note Audit protocol headers apply to S3 and Swift requests only.

    When such HTTP headers are found in a request, they are included in the audit message under the field HTRH.

    Note Audit protocol request headers are logged only if the audit level for Client Reads or Client Writes is not Off.

  4. Click Save.

Related information

System audit messages

Object storage audit messages

Management audit message

Client read audit messages

Administer StorageGRID