An audit log records the operations performed on the storage cluster. An audit log allows you to verify when and by whom operations have been performed and to see if each operation performed to the storage system or user data complies with audit standards such as laws, regulations, industrial standards, and in-house stipulations.
An audit log can contain a maximum of 750,000 activities. If this maximum limit is exceeded, the log is overwritten in first-in-first-out basis.
An audit log is stored in the cluster master node (primary) and you can obtain it in either of the following ways:
-
Create an audit log file and download it to the controller node.
-
Configure transfer of audit logs to the Syslog server and obtain them from the Syslog server.
Each audit log created after Syslog transfer is set is transferred to the Syslog server. An audit log created before Syslog transfer is set is not transferred to the Syslog server.
The following Syslog server is supported.
-
Rsyslog 8