Command Auditing (asg log audit)

Use the CLI command auditing to:

  • Notify users about critical actions they are about to do

  • Obtain confirmation for critical actions

  • Create forensic logs

If users confirm the action, it is necessary to supply their names and provide a reason for running the command.

If the command affects a Critical Device (Pnote), a second confirmation can be required.

For example, if you use administrative privileges to change the state of a Security GroupClosed A logical group of Security Gateway Modules that provides Active/Active cluster functionality. A Security Group can contain one or more Security Gateway Modules. Security Groups work separately and independently from each other. To the production networks, a Security Group appears a single Security Gateway. Member to DOWN, the output looks like this:

[Expert@MyChassis-ch0x-0x:0]# asg_sgm_admin -b 2_01 down

You are about to perform sgm_admin down on blades: 2_01

 

Are you sure? (y - yes, any other key - no) y

 

sgm_admin down requires auditing

Enter your full name: John Smith

Enter reason for sgm_admin down [Maintenance]: Maintenance

WARNING: sgm_admin down on SGM: 2_01, User: John Smith, Reason: Maintenance

Description

Use the "asg log audit" command to see the audit logs.

Syntax

asg log audit

Example

[Expert@MyChassis-ch0x-0x:0]# asg log audit

Aug 11 14:14:21 2_01 WARNING: Chassis admin-state up on chassis: 1, User: johnsmith, Reason: Maintenance

Aug 11 16:45:15 2_01 WARNING: Reboot on blades: 1_01,1_02,1_03,1_04,1_05,2_02,2_03,2_04,2_05, User: johnsmith, Reason: Maintenance

Aug 18 14:28:57 2_01 WARNING: Chassis admin-state down on chassis: 2, User: johnsmith, Reason: Maintenance

Aug 18 14:31:08 2_01 WARNING: Chassis admin-state up on chassis: 1, User: Peter, Reason: Maintenance

Aug 18 14:32:32 2_01 WARNING: Chassis admin-state down on chassis: 2, User: O, Reason: Maintenance

Aug 20 15:38:58 2_01 WARNING: Blade_admin down on blades: 2_02,2_03,2_04,2_05, User: Paul, Reason: Maintenance

Aug 21 10:00:05 2_01 CRITICAL: Reboot on blades: all, user: ms, Reason: Maintenance

[Expert@MyChassis-ch0x-0x:0]#