Manually installing file audit logging

Use this information to manually install file audit logging on your system.

If you do not have three protocol nodes, you do not want to use protocol nodes as your message queue servers, or you want the flexibility of using the file audit logging CLI commands, the following steps can be performed to provide access to the most customizable setup.
Important: Before you can install file audit logging, you must have the required packages for IBM Spectrum Scale™ installed on the node.
  1. Ensure that the following two software packages (based on your OS) are installed on every node in the cluster that acts as a broker, ZooKeeper, producer, or any combination of the three.
    • For Red Hat Enterprise Linux:
      • gpfs.kafka-5.0*.rpm
      • gpfs.librdkafka-5.0*.rpm
      These packages are available in /usr/lpp/mmfs/5.0.x.x/gpfs_rpms/rhel7.
    • For Ubuntu Linux:
      • gpfs.kafka-5.0*.deb
      • gpfs.librdkafka-5.0*.deb
      These packages are available in /usr/lpp/mmfs/5.0.x.x/gpfs_debs/ubuntu16.
    Note:
    • For more information, see Requirements and limitations for file audit logging.
    • Start of changeIf you are only installing the packages for file audit logging on existing IBM Spectrum Scale nodes and this is not part of a cluster installation or upgrade, you must shut down and then restart the daemon in order for the producer to be able to load the required library.End of change
  2. Use the mmmsgqueue enable -N <Nodes> command where <Nodes> is one of the following options:
    • A comma-separated list of at least three qualifying nodes.
    • The full path to a file that contains at least three qualifying nodes with each node on a separate line.
    • An existing node class that contains at least three qualifying nodes.
    Note: This step will make the message queue use eligible Linux quorum nodes as ZooKeepers and the nodes specified by the -N option as message queue servers/brokers.
  3. After the IBM Spectrum Scale cluster is available and the file systems are mounted, use the mmaudit command for each file system that you want to enable for file audit logging.
    Note: By using the CLI command versus the installation toolkit, you have more options including the ability to choose different devices to host the audit fileset.

For more information about enabling file audit logging, see Configuring file audit logging.

Once you have enabled file audit logging for the desired file systems, the audit information is written to the defined audit filesets as described in the Introduction to file audit logging.

If you would prefer to use the installation toolkit instead, see Enabling and configuring file audit logging using the installation toolkit.

Parent topic: Installing file audit logging