Enabling file audit logging on a file system
This topic describes how to enable file audit logging on a file system in IBM Spectrum Scale™.
- Before enabling file audit logging, the message queue must be enabled. It can be enabled
automatically with the installation toolkit if the cluster contains at least three protocol nodes,
or it can be manually enabled using the mmmsgqueue command. If you do not have
three protocol nodes installed on your cluster, or want to define which nodes that the message queue
servers/brokers run on, you must define the nodes to run these servers. Enable the message queue
directly with the broker node list.Note: If the kafkaBrokerServers node class already exists, then the -N specified list will not be used.Issue a command similar to the following example:
For more information, see the mmmsgqueue command.mmmsgqueue enable { -N NodeName[,NodeName...] | NodeFile | NodeClass
- To enable a file system for file audit logging, issue the mmaudit command. If
the message queue has not been previously enabled, the first invocation of
mmaudit will also enable the message queue for the entire cluster.
For more information, see the mmaudit command.mmaudit Device enable
Note: If "object" is enabled on the file system that is holding the file audit log fileset, ensure that you have additional inodes defined for the file audit log fileset prior to enabling.