You'd have to find the mechanism to programmatically convert to CSV - the data files are in MS evt format (but I'm sure it can be done).
1.) No - NFS doesn't have auditing that I recall
2.) DFM doesn't do this
3.) File Auditing does have some impact, but it's difficult to predict just how much - impact will depend on the amount of headroom you have left in your filer (current load). 7.2 will probably help a bit as the rumors of multi-threaded WAFL should be present (or maybe that's 7.3??)
Glenn
________________________________
From: owner-toasters@mathworks.com [mailto:owner-toasters@mathworks.com] On Behalf Of Hadrian Baron Sent: Tuesday, June 27, 2006 12:00 PM To: toasters@mathworks.com Subject: Any CIFS Audit scripts?
Hello everyone,
I've been running into issues with growing CIFS access and I need more visibility. I've searching google, toaster archive, NOW, and CPAN for something that will generate a report from the cifs audit logs and can't find anything. I find allusions to scripts, but no one posting them.
I will probably have to write a script myself but was wondering if there is anything already out there that someone would like to share.
Here is how I see the script going: Pull down cifs audit.evt files from the filer Convert to CSV Parse the csv and generate a report to show which users are hitting which shares & files Submit records to mysql or another db so we have a historical security audit log DB for cifs.
Three Qs: 1 - Would this work with NFS - it seems we lack NFS auditing with DOT. 2 - Is this something DFM could do? 3. What if any performance impact is seen by enabling NTFS file auditing (all options) for say 10 TB of data.
Any help or feedback would be appreciated. I'm running DOT 7.1 on a pair of 940cs.
-- Hadrian