Reviewed-by: Pruthi, Vineet <vineet.pruthi@t-systems.com> Reviewed-by: Rechenburg, Matthias <matthias.rechenburg@t-systems.com> Co-authored-by: Yang, Tong <yangtong2@huawei.com> Co-committed-by: Yang, Tong <yangtong2@huawei.com>
<a name="admin_guide_000086"></a><a name="admin_guide_000086"></a>
<h1 class="topictitle1">Configuring Audit Log Dumping</h1>
<div id="body1529658735913"><div class="section" id="admin_guide_000086__section3692359"><h4 class="sectiontitle">Scenario</h4><p id="admin_guide_000086__p7934768">The audit logs of <span id="admin_guide_000086__text15946118176">MRS</span> Manager are stored in the database by default. If the audit logs are retained for a long time, the disk space of the data directory may be insufficient. To store audit logs to another archive server, administrators can set the required dump parameters to automatically dump these logs. This facilitates the management of audit logs.</p>
<p id="admin_guide_000086__p4304052">If you do not configure audit log dumping, the system automatically saves the audit logs to a file when the number of audit logs reaches 100,000. The save path is <strong id="admin_guide_000086__b12630111181010">${BIGDATA_DATA_HOME}/dbdata_om/dumpData/iam/operatelog</strong> on the active management node. The file name format is <strong id="admin_guide_000086__b0871650131017">OperateLog_store_</strong><em id="admin_guide_000086__i860015671013">YY_MM_DD_HH_MM_SS</em><strong id="admin_guide_000086__b146617001120">.csv</strong>. The maximum number of historical audit log files is 50.</p>
</div>
<div class="section" id="admin_guide_000086__section125731814122710"><h4 class="sectiontitle">Procedure</h4><ol id="admin_guide_000086__ol13083945"><li id="admin_guide_000086__li50646643"><span>Log in to <span id="admin_guide_000086__text987614189451">MRS</span> Manager.</span></li><li id="admin_guide_000086__li8737446"><span>Choose <strong id="admin_guide_000086__b1316124491110">Audit</strong> > <strong id="admin_guide_000086__b176519468113">Configuration</strong>.</span></li><li id="admin_guide_000086__en-us_topic_0046736864_li13203115"><span>Click the switch on the right of <strong id="admin_guide_000086__b101158270275">Audit Log Dumping Flag</strong>.</span><p><p id="admin_guide_000086__p3891126152912"><strong id="admin_guide_000086__b6810185016276">Audit Log Dump</strong> is disabled by default. If <span><img id="admin_guide_000086__image1156484921112" src="en-us_image_0000001442653657.png"></span> is displayed, <strong id="admin_guide_000086__b1972761023110">Audit Log Dump</strong> is enabled.</p>
</p></li><li id="admin_guide_000086__li1296515551478"><span>Set the dump parameters based on information provided in <a href="#admin_guide_000086__table61365090">Table 1</a>.</span><p>
<div class="tablenoborder"><a name="admin_guide_000086__table61365090"></a><a name="table61365090"></a><table cellpadding="4" cellspacing="0" summary="" id="admin_guide_000086__table61365090" frame="border" border="1" rules="all"><caption><b>Table 1 </b>Audit log dump parameters</caption><thead align="left"><tr id="admin_guide_000086__row64025225"><th align="left" class="cellrowborder" valign="top" width="25%" id="mcps1.3.2.2.4.2.1.2.4.1.1"><p id="admin_guide_000086__p18660759"><strong id="admin_guide_000086__b3981050154813">Parameter</strong></p>
</th>
<th align="left" class="cellrowborder" valign="top" width="60%" id="mcps1.3.2.2.4.2.1.2.4.1.2"><p id="admin_guide_000086__p26673003"><strong id="admin_guide_000086__b18521205174818">Description</strong></p>
</th>
<th align="left" class="cellrowborder" valign="top" width="15%" id="mcps1.3.2.2.4.2.1.2.4.1.3"><p id="admin_guide_000086__p9979135663220"><strong id="admin_guide_000086__b2047655218484">Value</strong></p>
</th>
</tr>
</thead>
<tbody><tr id="admin_guide_000086__row6644528171420"><td class="cellrowborder" valign="top" width="25%" headers="mcps1.3.2.2.4.2.1.2.4.1.1 "><p id="admin_guide_000086__p13644182811420">SFTP IP Mode</p>
</td>
<td class="cellrowborder" valign="top" width="60%" headers="mcps1.3.2.2.4.2.1.2.4.1.2 "><p id="admin_guide_000086__p312444631414">Mode of the destination IP address. The value can be <strong id="admin_guide_000086__b1029791754112">IPv4</strong> or <strong id="admin_guide_000086__b8833618144117">IPv6</strong>.</p>
</td>
<td class="cellrowborder" valign="top" width="15%" headers="mcps1.3.2.2.4.2.1.2.4.1.3 "><p id="admin_guide_000086__p186440282147">IPv4</p>
</td>
</tr>
<tr id="admin_guide_000086__row42983324"><td class="cellrowborder" valign="top" width="25%" headers="mcps1.3.2.2.4.2.1.2.4.1.1 "><p id="admin_guide_000086__p59097201">SFTP IP</p>
</td>
<td class="cellrowborder" valign="top" width="60%" headers="mcps1.3.2.2.4.2.1.2.4.1.2 "><p id="admin_guide_000086__p48832853">SFTP server for storing dumped audit logs. You are advised to use an SFTP service based on SSH v2 to reduce security risks.</p>
</td>
<td class="cellrowborder" valign="top" width="15%" headers="mcps1.3.2.2.4.2.1.2.4.1.3 "><p id="admin_guide_000086__p898905663216"><strong id="admin_guide_000086__b137311014125515">192.168.10.51</strong> (example value)</p>
</td>
</tr>
<tr id="admin_guide_000086__row36842501"><td class="cellrowborder" valign="top" width="25%" headers="mcps1.3.2.2.4.2.1.2.4.1.1 "><p id="admin_guide_000086__p31452636">SFTP Port</p>
</td>
<td class="cellrowborder" valign="top" width="60%" headers="mcps1.3.2.2.4.2.1.2.4.1.2 "><p id="admin_guide_000086__p988213">Connection port of the SFTP server for storing dumped audit logs</p>
</td>
<td class="cellrowborder" valign="top" width="15%" headers="mcps1.3.2.2.4.2.1.2.4.1.3 "><p id="admin_guide_000086__p1899125610327"><strong id="admin_guide_000086__b1913353295515">22</strong> (example value)</p>
</td>
</tr>
<tr id="admin_guide_000086__row8893924"><td class="cellrowborder" valign="top" width="25%" headers="mcps1.3.2.2.4.2.1.2.4.1.1 "><p id="admin_guide_000086__p49319253">Save Path</p>
</td>
<td class="cellrowborder" valign="top" width="60%" headers="mcps1.3.2.2.4.2.1.2.4.1.2 "><p id="admin_guide_000086__p51788984">Path for storing audit logs on the SFTP server</p>
</td>
<td class="cellrowborder" valign="top" width="15%" headers="mcps1.3.2.2.4.2.1.2.4.1.3 "><p id="admin_guide_000086__p189921156143215"><strong id="admin_guide_000086__b93992124560">/opt/omm/oms/auditLog</strong> (example value)</p>
</td>
</tr>
<tr id="admin_guide_000086__row63447679"><td class="cellrowborder" valign="top" width="25%" headers="mcps1.3.2.2.4.2.1.2.4.1.1 "><p id="admin_guide_000086__p38988373">SFTP Username</p>
</td>
<td class="cellrowborder" valign="top" width="60%" headers="mcps1.3.2.2.4.2.1.2.4.1.2 "><p id="admin_guide_000086__p50835381">User name for logging in to the SFTP server</p>
</td>
<td class="cellrowborder" valign="top" width="15%" headers="mcps1.3.2.2.4.2.1.2.4.1.3 "><p id="admin_guide_000086__p0994656153217"><strong id="admin_guide_000086__b14911957574">root</strong> (example value)</p>
</td>
</tr>
<tr id="admin_guide_000086__row54865253"><td class="cellrowborder" valign="top" width="25%" headers="mcps1.3.2.2.4.2.1.2.4.1.1 "><p id="admin_guide_000086__p14900505">SFTP Password</p>
</td>
<td class="cellrowborder" valign="top" width="60%" headers="mcps1.3.2.2.4.2.1.2.4.1.2 "><p id="admin_guide_000086__p51712972">Password for logging in to the SFTP server</p>
</td>
<td class="cellrowborder" valign="top" width="15%" headers="mcps1.3.2.2.4.2.1.2.4.1.3 "><p id="admin_guide_000086__p7997175673219"><em id="admin_guide_000086__i16219221790">Password for logging into the SFTP server</em></p>
</td>
</tr>
<tr id="admin_guide_000086__row62763565"><td class="cellrowborder" valign="top" width="25%" headers="mcps1.3.2.2.4.2.1.2.4.1.1 "><p id="admin_guide_000086__p50684010">SFTP Public key</p>
</td>
<td class="cellrowborder" valign="top" width="60%" headers="mcps1.3.2.2.4.2.1.2.4.1.2 "><p id="admin_guide_000086__p13373218">Public key of the SFTP server. This parameter is optional, but you are advised to set it. Otherwise, security risks may exist.</p>
</td>
<td class="cellrowborder" valign="top" width="15%" headers="mcps1.3.2.2.4.2.1.2.4.1.3 "><p id="admin_guide_000086__p1035719322">-</p>
</td>
</tr>
<tr id="admin_guide_000086__row16742131916488"><td class="cellrowborder" valign="top" width="25%" headers="mcps1.3.2.2.4.2.1.2.4.1.1 "><p id="admin_guide_000086__p185301622124811">Dumping Mode</p>
</td>
<td class="cellrowborder" valign="top" width="60%" headers="mcps1.3.2.2.4.2.1.2.4.1.2 "><p id="admin_guide_000086__p7532722194818">Dump mode. Value options are as follows:</p>
<ul id="admin_guide_000086__ul85323224486"><li id="admin_guide_000086__li7532622104812"><strong id="admin_guide_000086__b131485256590">By Quantity</strong>: Logs are dumped when the number of audit logs reaches the value of this parameter (<strong id="admin_guide_000086__b74955514198">100000</strong> by default).</li><li id="admin_guide_000086__li145331922174817"><strong id="admin_guide_000086__b1261705617397">By Time</strong>: Logs are dumped on a specified date. The dumping frequency is once a year.</li></ul>
</td>
<td class="cellrowborder" valign="top" width="15%" headers="mcps1.3.2.2.4.2.1.2.4.1.3 "><ul id="admin_guide_000086__ul8534322154810"><li id="admin_guide_000086__li18536162284819">By Quantity</li><li id="admin_guide_000086__li15536722104815">By Time</li></ul>
</td>
</tr>
<tr id="admin_guide_000086__row53250102"><td class="cellrowborder" valign="top" width="25%" headers="mcps1.3.2.2.4.2.1.2.4.1.1 "><p id="admin_guide_000086__p18291030">Dumping Date</p>
</td>
<td class="cellrowborder" valign="top" width="60%" headers="mcps1.3.2.2.4.2.1.2.4.1.2 "><p id="admin_guide_000086__p16803624">This parameter is available only when <strong id="admin_guide_000086__b20704174015448">Dumping Mode</strong> is set to <strong id="admin_guide_000086__b137381342446">By Time</strong>. After you select a dump date, the system starts dumping on this date. The logs to be dumped include all the audit logs generated before January 1 00:00 of the current year.</p>
</td>
<td class="cellrowborder" valign="top" width="15%" headers="mcps1.3.2.2.4.2.1.2.4.1.3 "><p id="admin_guide_000086__p811057203218">11-06</p>
</td>
</tr>
</tbody>
</table>
</div>
<div class="note" id="admin_guide_000086__note17014888"><img src="public_sys-resources/note_3.0-en-us.png"><span class="notetitle"> </span><div class="notebody"><p class="text" id="admin_guide_000086__p9108597">If the SFTP public key is empty, the system displays a security risk warning. Evaluate the security risk and then save the configuration.</p>
</div></div>
</p></li><li id="admin_guide_000086__li26624595"><span>Click <strong id="admin_guide_000086__b73281412154813">OK</strong> to complete the settings.</span><p><div class="note" id="admin_guide_000086__note38294768"><img src="public_sys-resources/note_3.0-en-us.png"><span class="notetitle"> </span><div class="notebody"><div class="p" id="admin_guide_000086__p10548625133414">Key fields in the audit log dump file are as follows:<ul id="admin_guide_000086__ul105501125133416"><li id="admin_guide_000086__li155062514347"><strong id="admin_guide_000086__b170513431503">USERTYPE</strong> indicates the user type. Value <strong id="admin_guide_000086__b1140394935010">0</strong> indicates a human-machine user, and value <strong id="admin_guide_000086__b1113319578509">1</strong> indicates a machine-machine user.</li><li id="admin_guide_000086__li355115258348"><strong id="admin_guide_000086__b1715111255113">LOGLEVEL</strong> indicates the security level. Value <strong id="admin_guide_000086__b895615192515">0</strong> indicates Critical, value <strong id="admin_guide_000086__b163501233145117">1</strong> indicates Major, value <strong id="admin_guide_000086__b28348433512">2</strong> indicates Minor, and value <strong id="admin_guide_000086__b28231053115117">3</strong> indicates Warning.</li><li id="admin_guide_000086__li175511325163411"><strong id="admin_guide_000086__b1578619110532">OPERATERESULT</strong> indicates the operation result. Value <strong id="admin_guide_000086__b18188179135319">0</strong> indicates that the operation is successful, and value <strong id="admin_guide_000086__b1753713366547">1</strong> indicates that the operation failed.</li></ul>
</div>
</div></div>
</p></li></ol>
</div>
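<p>Added example (not part of the MRS documentation or product code): a Python sketch that decodes the <strong>USERTYPE</strong>, <strong>LOGLEVEL</strong> and <strong>OPERATERESULT</strong> codes listed in the note above and extracts failed operations at Critical or Major level from a dumped CSV file for review. Only those three field names and their code values come from this page; the header row, the other columns (TIME, USERNAME, OPERATION) and the sample rows are constructed assumptions.</p>

```python
import csv
import io

CODES = {  # code tables taken from the note above
    "USERTYPE": {"0": "human-machine", "1": "machine-machine"},
    "LOGLEVEL": {"0": "Critical", "1": "Major", "2": "Minor", "3": "Warning"},
    "OPERATERESULT": {"0": "success", "1": "failed"},
}

# Constructed sample; a real dump file may use other columns and ordering.
SAMPLE_DUMP = """\
TIME,USERNAME,USERTYPE,OPERATION,LOGLEVEL,OPERATERESULT
2024-01-05 10:02:11,admin,0,Modify audit dump configuration,1,0
2024-01-05 10:07:43,svc_backup,1,Delete user,0,1
2024-01-05 10:09:02,jdoe,0,Log in,2,1
2024-01-05 10:15:30,jdoe,0,Export audit log,9,0
"""


def decode_rows(stream):
    """Yield (row, problems): row has decoded codes, problems lists unknown ones."""
    for line_no, row in enumerate(csv.DictReader(stream), start=2):
        problems = []
        for field, table in CODES.items():
            raw = (row.get(field) or "").strip()
            if raw in table:
                row[field] = table[raw]
            else:
                # Leave the raw value in place so an unexpected code stays visible.
                problems.append(f"line {line_no}: unknown {field} code {raw!r}")
        yield row, problems


def triage(stream):
    """Return (failed Critical/Major rows, list of decoding problems)."""
    flagged, problems = [], []
    for row, row_problems in decode_rows(stream):
        problems.extend(row_problems)
        if (row.get("OPERATERESULT") == "failed"
                and row.get("LOGLEVEL") in ("Critical", "Major")):
            flagged.append(row)
    return flagged, problems


if __name__ == "__main__":
    flagged, problems = triage(io.StringIO(SAMPLE_DUMP))
    for row in flagged:
        print(row["TIME"], row["USERNAME"], row["USERTYPE"], row["OPERATION"])
    print(*problems, sep="\n")
```

<p>To run it against a real dump file, pass an open file object to <code>triage()</code> after adjusting the column names to match the file's header.</p>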
</div>