2020. 2. 7. 11:37ㆍ카테고리 없음
Configure NetApp Clustered Data ONTAP 8 and ONTAP 9 for MonitoringTo configure Clustered Data ONTAP 8 and ONTAP 9 for monitoring, perform the following procedures:.PrerequisitesNetwrix assumes that you are aware of basic installation and configuration steps. If not, refer to the following administration and management guides. VersionRelated documentationClustered Data ONTAP 8.2.Clustered Data ONTAP 8.3.ONTAP 9.0 - 9.5.Perform the steps below before proceeding with audit configuration:.Configure CIFS server and make sure it functions properly.NOTE: NFS file shares are not supported. Configure System Access Control List (SACL) on your file share. Set the Security Style for Volume or Qtree where the audited file shares are located to the 'ntfs' or 'mixed'.Configure audit manually.
For 8.3, review the Auditing NAS events on SVMs with FlexVol volumes section inNOTE: The current version of Netwrix Auditor does not support auditing of Infinite Volumes.Configure ONTAPI Web AccessNetwrix Auditor uses ONTAPI to obtain the current CIFS audit configuration and force the audit data flush from the internal filer format to an MS Event Viewer compatible format. Netwrix Auditor supports both the SSL and non-SSL HTTP access, trying HTTPS first, and falling back to HTTP if it is unavailable.Navigate to your cluster command prompt through the SSH/Telnet connection.Log in as a cluster administrator and review your current web access settings. Make sure that External Web Services are allowed. For example: cluster1::systemservicesweb showExternal Web Services:trueStatus:onlineHTTP Protocol Port:80HTTPs Protocol Port:443TLSv1 Enabled:trueSSLv3 Enabled:trueSSLv2 Enabled:false.Enable ONTAPI access on the SVM where CIFS server is set up and configured. The example command output shows correct web access settings where vs1 is your SVM name. Cluster1::vserverservices web show -vserver vs1VserverTypeService NameDescriptionEnabled-vs1dataontapiRemote Administrative APItrueSupport.Enable HTTP/HTTPS access.
Netapp Cdot Commands
For example:cluster1:: vserver services web modify -vserver vs1 -name ontapi -enabled true.Enable only SSL access (HTTPS in Netwrix Auditor). For example:cluster1:: vserver services web modify -vserver vs1 -name ontapi -enabled true -ssl-only true.Make sure that the builtin vsadmin role or a custom role (e.g., fsarole) assigned to your account specified for data collection can access ONTAPI. For example: cluster2:: vserver services web access show -vserver vs2VserverTypeService NameRole-vs2dataontapifsarolevs2dataontapivsadminvs2dataontapivsadmin-protocolvs2dataontapivsadmin-readonlyvs2dataontapivsadmin-volume5 entries were displayed.Configure Firewall PolicyConfigure firewall to make file shares and Clustered Data ONTAP HTTP/HTTPS ports accessible from the computer where Netwrix Auditor Server is installed. Your firewall configuration depends on network settings and security policies in your organization.
The syslog.conf configuration file. Message logging is done by a syslogd daemon. By default, all system messages (except those with debug-level severity) are sent to the console and logged in the /etc/messages file.
Below is an example of configuration:. Navigate to your cluster command prompt through the SSH/Telnet connection.Log in as a cluster administrator and review your current firewall configuration. For example: cluster1:: system services firewall showNodeEnabledLogging-cluster1-01truefalse.Create firewall policy or edit existing policy to allow HTTP/HTTPS (note that modifying a policy you may overwrite some settings). Configure audit settings in the context of Cluster or Storage Virtual Machine.
All examples in the procedure below apply to SVM, to execute commands in the context of Cluster, add -vserver name, where name is your server name. Navigate to command prompt through the SSH/Telnet connection.Log in as a cluster administrator and switch to the context of SVM from the cluster. For example to switch to the SVM called vs1:cluster1:: vserver context -vserver vs1After a switch, you will be in the context of SVM:vs1::.Create and enable audit. For more information on audit configuration, refer to NetApp documentation. For example: To.Execute.Create auditvs1:: vserver audit create -destination In the example above, the vserver audit create -destination /audit command executed on the vs1 SVM creates and enables audit on the volume /audit.NOTE: Netwrix Auditor accesses audit logs via file shares.