Audit Log Messages - Brocade Communications Systems SN3000B Reference
Message reference
Hide thumbs
Also See for SN3000B:
- Command reference manual (1132 pages) ,
- Administrator's manual (282 pages) ,
- Documentation update (60 pages)
Table of Contents
Advertisement
1
Overview of system messages
For information on displaying and clearing the RASLog messages, refer to
system message logs"
Audit log messages
Event auditing is designed to support post-event audits and problem determination based on
high-frequency events of certain types such as security violations, zoning configuration changes,
firmware downloads, and certain types of fabric events. Audit messages flagged as AUDIT are not
saved in the switch error logs. The switch can be configured to stream Audit messages to the switch
console and to forward the messages to specified syslog servers. The Audit log messages are not
forwarded to an SNMP management station. There is no limit to the number of audit events.
The following is an example of an Audit message.
0 AUDIT, 2001/01/14-06:07:33 (UTC), [SULB-1003], INFO, FIRMWARE,
admin/admin/10.70.4.102/telnet/CLI ad_0/switch, , Firmwarecommit has started.
For any given event, Audit messages capture the following information:
•
•
•
•
The seven event classes described in
TABLE 1
Operand Event class
1
2
3
4
5
6
7
Fabric OS v7.0.1 generates component-specific Audit messages. Refer to
2
on page 15.
User Name - The name of the user who triggered the action.
User Role - The access level of the user, such as root or admin.
Event Name - The name of the event that occurred.
Event Information - Information about the event.
Event classes
Description
Zone
You can audit zone event configuration changes, but not the actual
values that were changed. For example, you may receive a message
that states "Zone configuration has changed," but the message
does not display the actual values that were changed.
Security
You can audit any user-initiated security event for all management
interfaces. For events that have an impact on the entire fabric, an
audit is only generated for the switch from which the event was
initiated.
Configuration
You can audit configuration downloads of existing SNMP
configuration parameters. Configuration uploads are not audited.
Firmware
You can audit configuration downloads of existing SNMP
configuration parameters. Configuration uploads are not audited.
Fabric
You can audit Administration Domain-related changes.
FW
You can audit Fabric Watch (FW)-related changes.
LS
You can audit Virtual Fabric (Logical Switch)-related changes.
Table 1
can be audited.
"Displaying and clearing
"Audit Log
Messages".
Fabric OS Message Reference
53-1002448-01
- Quick Links:
- Table of Contents
Hide quick links:
Advertisement
Chapters
Table of Contents
