An audit log keeps track of action commands that are issued
through a Secure Shell (SSH) session or through the SAN Volume Controller Console.
The audit log entries provide the following information:
- Identity of the user who issued the action command
- From the command-line interface, the user name (administrator
or service), and the label that is associated with the user's
public SSH key in the authorized keys file
- From the native Web pages, the user's identity (admin[web] or
service[web]) according to which user name the user authenticated
with
- From the SAN Volume Controller Console,
the user's identity (administrator), the label that is associated
with the CIMOM key in the authorized keys file, and the user
name that has been recorded by the CIMOM when the SAN Volume Controller Console user
authenticated with the CIMOM
- The name of the actionable command
- The timestamp of when the actionable command was issued on the
configuration node
- The parameters which were issued with the actionable command
The following commands are not documented in the audit log:
- svctask dumpconfig
- svctask cpdumps
- svctask cleardumps
- svctask finderr
- svctask dumperrlog
- svctask dumpinternallog
The following items are also not documented in the audit
log:- Commands that fail are not logged
- A result code of 0 (success) or 1 (success in progress) is not
logged
- Result object ID of node type (for the addnode command) is not
logged
- Views are not logged