Submitting forms on the support site are temporary unavailable for schedule maintenance. If you need immediate assistance please contact technical support. We apologize for the inconvenience.
Configuring/installing change auditor for EMC Isilon auditing
설명
Need to configure Change Auditor to audit EMC Isilon events.
해결 방안
Install EMC license using the Quest License manager.
Install the appropriate EMC Common Event Enabler (CEE) Framework on selected server where the Change Auditor agent service will be running.
Configure the firewall setting on your Isilon server if necessary so the CEE application can receive events from an Isilon server.
Change Auditor does not support automatic Isilon auditing configuration. To enable Isilon file server auditing, use the Isilon management web site UI and command line interface. See EMC OneFS Web Administration Guide and EMC OneFS CLI Administration Guide for more information.
Install the appropriate Change Auditor agent on the selected server.
Using the Change Auditor EMC Auditing Wizard manually enter the Isilon server name, making sure that the server name specified is the one configured in the Isilon auditing setting of the Isilon management web site UI.
On the Agent server, verify QCeeService installed and is started.
On the Agent server, open c:\Program Files\Common files\Quest shared\QCeeService.txt file and look for issues.
Verify the presence of the Quest Shared EMC Connector service and that the service is running.
Ping Isilon server from agent by short and long name
Ping agent server from EMC Isilon server by short and long name.
‘Volume’ auditing is not supported on Isilon servers and should not be used.
When specifying file and folder paths to be audited, the Isilon’s shared directory path should be used. You can find it in Isilon management web site UI by going to Protocols – Windows Sharing (SMB) – SMB Shares.
There is no need to enter information on the Logon Credentials dialog when configuring auditing on an Isilon server.
To audit the "File contents written" operations, you must audit "Close" operations on Isilon. To audit close
operations, use ISI zone zones modify command in the command line interface (CLI). Please note: If you have a Change Auditor version prior to 6.9.5, any folder/registry paths referenced may contain a non-Quest branded path.
