- Notes, cautions, and warnings
- Introduction
- Revision history
- Accessing PowerFlex appliance components
- PowerFlex appliance deployment types
- Managing components with PowerFlex Manager
- Add licenses to PowerFlex Manager
- Configuring VMware vCenter high availability
- Enable or disable SSH on the VMware ESXi host dynamically
- Performing maintenance activities in a PowerFlex cluster
- Monitoring system health
- Monitor system resources
- Manage compliance
- Enabling SupportAssist
- Managing events and alerts
- CloudLink Center
- Network management
- Storage management
- Protection domains
- Fault sets
- Storage data servers
- Storage pools
- Acceleration pools
- Devices
- Volumes
- NVMe targets
- Hosts
- Storage management for PowerFlex controller nodes
- Configuring replication on PowerFlex nodes
- Redistribute the MDM cluster using PowerFlex Manager
- Set rebuild and rebalance settings
- Enabling or disabling SDC authentication
- Log in to PowerFlex using scli
- Prepare for storage data clients authentication
- Configure storage data client to use authentication
- Enable storage data client authentication
- Disable SDC authentication
- Expand an existing PowerFlex cluster with SDC authentication enabled
- Add a Windows or Linux authenticated SDC
- PowerFlex file storage
- Multitenancy
- NAS server
- Create a NAS server for NFS (UNIX-only) file systems
- Create NAS server for SMB (Windows-only) file systems
- Change NAS server settings
- Configure settings of an existing NAS server
- Manage the network routes between the NAS server and the supported external services
- Modify or configure the NAS server naming services
- NAS server sharing protocols
- NAS server protection and events
- Managing NAS server configuration
- NAS server settings
- NAS server security
- Create a global namespace
- File systems
- Quotas
- Shares and exports
- File protection
- Create a protection policy
- Create snapshot rules
- Create a snapshot
- Modify a snapshot
- Delete a snapshot
- Assign a protection policy to a file system
- Unassign a protection policy
- Modify a protection policy
- Delete a protection policy
- Modify a snapshot rule
- Delete a snapshot rule
- Refresh a file system using snapshot
- Restore a file system from a snapshot
- Clone NAS server and file system
- Clone the file system
- Create a thin clone using a snapshot
- Reconfiguring MDM roles
- Set rebuild and rebalance settings
- Enabling or disabling SDC authentication
- Log in to PowerFlex using scli
- Prepare for storage data clients authentication
- Configure storage data client to use authentication
- Enable storage data client authentication
- Disable SDC authentication
- Expand an existing PowerFlex cluster with SDC authentication enabled
- Add a Windows or Linux authenticated SDC
- Enabling replication on existing PowerFlex hyperconverged nodes
- Prerequisites
- Workflow
- Remove a PowerFlex hyperconverged resource group from PowerFlex Manager
- Create and configure replication port groups
- Preparing the SVMs for replication
- Shut down the SVM
- Add network adapters
- Record the MAC address of the newly added network interface controllers
- Modify SVMs
- Install SDR RPMs on the SDS nodes (SVMs)
- Exit SDS maintenance mode
- Adding the Storage Data Replicator to a PowerFlex appliance
- Create and copy certificates
- Add replication networks to PowerFlex Manager
- Add the hyperconverged resource group back to PowerFlex Manager
- Enabling replication on existing PowerFlex storage-only nodes
- Prerequisites
- Gather the MDM IP address information
- Install SDR
- Configure replication networks
- Create static routes
- Add SDRs to PowerFlex Manager
- Add firewall rules for SDR
- Remove existing storage-only resource group from PowerFlex Manager
- Add replication networks to PowerFlex Manager
- Add the storage-only resource group back to PowerFlex Manager
- Add peer replication systems
- Create the remote consistency group
- Secure component verification and TPM enablement on the PowerFlex nodes
- Administering the CloudLink Center
- Add the CloudLink Center license in PowerFlex Manager
- Adding and managing CloudLink Center licenses
- Configure syslog and audit logs in CloudLink
- Manage a self-encrypting drive (SED) from CloudLink Center
- Manage a self-encrypting drive from the command line
- Release a self-encrypting drive
- Release management of a self-encrypting drive from the command line
- Backup and restore
- Powering on and off
- Power on a Technology Extension with PowerScale
- Power on a PowerFlex appliance
- Power on the PowerFlex management controller 2.0
- Power on the PowerFlex management node
- Power on the VMware NSX Edge nodes
- Power on PowerFlex storage-only nodes
- Power on PowerFlex file nodes
- Power on all PowerFlex hyperconverged nodes
- Power on PowerFlex compute-only nodes
- Complete the powering on of PowerFlex appliance
- Power off a PowerFlex appliance
- Deactivate protection domain and power off PowerFlex storage-only node using PowerFlex Manager
- Power off PowerFlex compute-only nodes with VMware ESXi
- Power off PowerFlex file nodes
- Power off PowerFlex hyperconverged nodes with VMware ESXi
- Power off the VMware NSX Edge nodes
- Power off the PowerFlex management controller 2.0
- Power off the PowerFlex management node
- Complete the powering off of PowerFlex appliance
- Power off a Technology Extension with PowerScale
- Usernames and password management
- PowerFlex servers
- PowerFlex Manager
- Virtualization
- Management VMs
- Change CloudLink passwords
- Manage EmbeddedOS15.3 users credentials for the jump server
- Changing the IPI appliance password
- Changing a user account password on the IPI appliance
- Changing the operating system password
- System logs and audit logs
- PowerFlex Manager logs
- VMware vCenter logs
- CloudLink logs
- Network logs
- Configuring syslogs and audit logs
- Configure syslogs using VMware ESXi
- Configure and forward the syslogs using VMware vCenter
- Configure syslog and audit logs in CloudLink
- Configure audit logs in SVMs and PowerFlex storage-only nodes
- Configure iDRAC for audit logging
- Retrieve SDNAS audit logs
- Configuring syslogs for Dell PowerSwitch and Cisco Nexus switches
- PowerFlex audit log
- Migrating to NVMe over TCP on VMware ESXi
Dell PowerFlex Appliance with PowerFlex 4.x Administration Guide
Configure audit logs in SVMs and PowerFlex storage-only nodes
Use this procedure to configure and maintain audit logs of a user in a separate file commands.log in SVMs and PowerFlex storage-only nodes and transmit them to the remote servers.
Steps
- Log in to each SVM or PowerFlex storage-only node using SSH.
-
Run the following commands to record all the commands executed by the users:
-
Edit the system-wide BASH runtime configuration file:
#sudo -e /etc/bash.bashrc
-
Append the following to the end of the file:
export PROMPT_COMMAND='RETRN_VAL=$?;logger -p security.debug "$(whoami) [$$]: $(history 1 | sed "s/^[ ]*[0-9]\+[ ]*//" ) [$RETRN_VAL]"'
- Press Esc+:wq to save the file.
-
To setup the audit logging for
local6 with a new file as
commands.log, run the following command to edit the remote syslog BASH runtime configuration file:
# sudo -e /etc/rsyslog.d/bash.conf
-
Enter the following:
security.* /var/log/commands
- Press Esc+:wq to save the file.
-
Edit the system-wide BASH runtime configuration file:
-
To forward the audit log file
/var/log/audit/audit.log to the remote syslog server, edit
/etc/audit/plugins.d/syslog.conf and do the following:
- Set active=yes
- Append security in args:
For example:#vi /etc/audit/plugins.d/syslog.conf active = yes # changes made from No to Yes direction = out path = /sbin/audisp-syslog type = always args = LOG_INFO LOG_security # append security to write the audit logs to remote server format = string
-
To transmit the logs to the remote server:
-
Edit the
rsyslog.conf file:
# vi /etc/rsyslog.conf
-
Add the following lines to route the logs to the remote server:
$ModLoad imfile $InputFileName /var/log/audit/audit.log $InputFileTag tag_audit_log: $InputFileStateFile audit_log $InputFileSeverity info $InputRunFileMonitor local6.* @<remoteserverIP>:514 #Remote server IP address to be updated
In PowerFlex Manager, both TCP and UDP connections are supported and port number 514 is used for the syslog transfer.
-
Edit the
rsyslog.conf file:
-
Restart the remote syslog service:
systemctl restart rsyslog.service
-
To manage the log file
/etc/logrotate.conf:
- To edit the file, type # vi /etc/logrotate.conf.
-
Update the following lines:
## AUDIT LOG### /var/log/commands { compress dateext maxage 14 rotate 2 missingok notifempty size +4096k } - Type :wq to save the file.
Please provide ratings (1-5 stars).
Please provide ratings (1-5 stars).
Please provide ratings (1-5 stars).
Please select whether the article was helpful or not.
Comments cannot contain these special characters: <>()\