blee

Nimble OS 2.3 – Audit Log

Blog Post created by blee on Jul 28, 2015

by Ben Lee

 

All infrastructure teams have had it happen, at least once. Change management windows are well-managed, change control processes in place, and yet something goes wrong. How do you track it down?

 

The ability to track all changes made to a system, especially one as critical as your data storage, is essential for many reasons. Across all sectors, scrutiny of corporate data security is at an all-time high. Publicly traded companies, healthcare, sales transactions, government, et cetera ad infinitum, are all responsible for auditing the security of their data systems as government-mandated process. Many other companies that are not required to pass certain minimum requirements will still self-impose system audits for safety reasons.

 

If your organization falls into one or more of these various categories, you know how hard it can be just to collect the necessary information.

 

Nimble OS 2.3 addresses this issues with a robust new Audit Log feature.

 

Now tracking changes in the Nimble system is as simple as logging into your GUI or CLI. Sorting, searching, and filtering can all be done easily and quickly. In the GUI you’ll find it under Monitor > Audit Log. The CLI command is, simply, auditlog.

MenuAuditLog.png

 

GUI-based screen for accessing the Audit Log:

 

GUIAuditLog.png

CLI Interface:

CLIAuditLog2.png

 

Audit log records are classified into the following activity categories:

  • Data Provisioning (volumes, performance policy, pool)
  • Data Access (ACL, encryption)
  • Data Protection (snap, replication, partner)
  • User Access (login, user administration)
  • System Configuration (networking, array setup, add/remove, shelf add/remove)
  • Software Update

 

Audit Logs are kept for the following access types:

  • API
  • CLI
  • GUI

 

It is extremely simple to filter, sort, and search all of the records by one or more of these criteria.

 

One of the great side effects of tracking user activity in the Audit Log is that the Nimble can present this information to you in different ways and places.  For example, in the Manage Users screen (available only to Administrators), you can see all of the recent activity for each user just by clicking on their name in the left panel.

 

SecurityAuditLog.png

 

In short, Nimble OS 2.3 Audit Log is a great and easy way to track down changes, check security, and keep those pesky auditors happy with all of the details they need.

Outcomes