Fabric OS 5.2.x administrator guide
53
How to configure an audit log for specific event classes
1.
Connect to the switch from which you wish to generate an audit log and log in as admin.
2.
Enter the
auditCfg --class
command, which defines the specific event classes to be filtered.
The
auditCfg
event class operands are identified in
Table 6
3.
Enter the
auditCfg --enable
command, which enables audit event logging based on the classes
configured in
step 2
.
To disable an audit event configuration, enter the
auditCfg --disable
command.
4.
Enter the
auditCfg --show
command to view the filter configuration and confirm that the correct
event classes are being audited, and the correct filter state appears (enabled or disabled).
To verify the audit event log setup, make a change affecting an enabled event class, and confirm that
the remote host machine receives the audit event messages.
The following example shows the SYSLOG (system message log) output for audit logging.
Shutting down switches and Directors
To avoid corrupting your file system, it is recommended that you perform graceful shutdowns of switches
and Directors.
To power off a Director gracefully (Prior to 5.1.0)
For Directors running Fabric OS versions
prior
to 5.1.x, the following procedure describe how to gracefully
shut down a Director:
1.
Verify which CP is the active CP, and log in to the active CP using a Serial Console connection.
2.
On the standby CP, set the slider switch to the off position, or eject the standby CP from the chassis. This
disables the standby CP.
3.
Enter the
reboot
command from the active CP. This will gracefully take down the system.
4.
When you see the “Press escape within 4 seconds to enter boot interface” message, press ESC to
suspend the active CP.
5.
Power off the chassis by flipping both AC power switches to “0” (LEDs inside AC power switches should
turn off). To maintain the ground connection, leave both power cords connected to the chassis and to
an electrical outlet.
For both switches and Directors running Fabric OS 5.1.0 and later, it is recommended that you use the
following graceful shutdown procedures.
switch:admin>
auditcfg --class 2,4
Audit filter is configured.
switch:admin>
auditcfg --enable
Audit filter is enabled.
switch:admin>
auditcfg --show
Audit filter is enabled.
2-SECURITY
4-FIRMWARE
Jun 2 08:33:04 [10.32.220.7.2.2] raslogd: AUDIT, 2006/06/02-15:25:53,
[SULB-1003], INFO, FIRMWARE, root/root/NONE/console/CLI, ad_0/ras007_chassis, ,
Firmwarecommit has started.
Jun 5 06:45:33 [10.32.220.70.2.2] raslogd: AUDIT, 2006/06/05-13:38:17,
[CONF-1010], INFO, CONFIGURATION, root/root/NONE/
console/CLI, ad_0/ras070, , configDownload failed
Jun 5 08:15:32 [10.32.248.73.2.2] raslogd: AUDIT, 2006/06/05-13:38:17,
[SEC-1000], WARNING, SECURITY, JaneDoe/root/192.168.132.19/
telnet, Domain A/DoeSwitch, , Incorrect password during login attempt.
Содержание AE370A - Brocade 4Gb SAN Switch 4/12
Страница 1: ...HP StorageWorks Fabric OS 5 2 x administrator guide Part number 5697 0014 Fifth edition May 2009 ...
Страница 18: ...18 ...
Страница 82: ...82 Managing user accounts ...
Страница 102: ...102 Configuring standard security features ...
Страница 126: ...126 Maintaining configurations ...
Страница 198: ...198 Routing traffic ...
Страница 238: ...238 Using the FC FC routing service ...
Страница 260: ...260 Administering FICON fabrics ...
Страница 280: ...280 Working with diagnostic features ...
Страница 332: ...332 Administering Extended Fabrics ...
Страница 414: ...398 Configuring the PID format ...
Страница 420: ...404 Configuring interoperability mode ...
Страница 426: ...410 Understanding legacy password behaviour ...
Страница 442: ...426 ...
Страница 444: ......
Страница 447: ......