跳转到主内容

是否可以确定哪些用户篡改了AIQUM中的审核日志?

Views:
3
Visibility:
Public
Votes:
0
Category:
active-iq-unified-manager
Specialty:
om
Last Updated:

适用场景

Active IQ Unified Manager - AIQUM

问题解答

  • 无法执行此操作、因为不会根据数据库中记录的更改触发警报
  • AIQUM会将审核日志存储在myql数据库中、并在执行此操作时根据日志文件生成签名
  • AIQUM会定期将当前签名结果与已存储的签名结果进行比较
  • 如果出现不匹配、则会触发警报: Audit log File audit.<DATETIME>.gz got tampered
NetApp provides no representations or warranties regarding the accuracy or reliability or serviceability of any information or recommendations provided in this publication or with respect to any results that may be obtained by the use of the information or observance of any recommendations provided herein. The information in this document is distributed AS IS and the use of this information or the implementation of any recommendations or techniques herein is a customer's responsibility and depends on the customer's ability to evaluate and integrate them into the customer's operational environment. This document and the information contained herein may be used solely in connection with the NetApp products discussed in this document.