×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question
jmla69
New Member
Member since: ‎08-22-2013
‎06-05-2020
Community Statistics
Posts 3
Solutions 0
Karma Given 0
Karma Received 0
Member Since ‎08-22-2013
View All

Re: Question about the NetApp log format compatibl...

by in All Apps and Add-ons
‎11-09-2015 12:22 AM
‎11-09-2015 12:22 AM
The article only applies to cluster and Vserver storage. It doesn't applies to single storage like FAS2050. But thanks for your help. ... View more

Re: Question about the NetApp log format compatibl...

by in All Apps and Add-ons
‎10-21-2015 08:13 AM
‎10-21-2015 08:13 AM
Hi Kapanig, After reading your answer I reviewed for the umpteenth time by Netapp documentation if something had passed me by. Neither in the documents nor in the knowledge base I have found no information specifying that we can export audit logs CIFS in XML format. All manuals specify that audit logs CIFS always be created in EVT (Windows Event Viewer) format. Perhaps the information you've seen references to other NetApp logs. Anyway, thank you very much for your help. Joseph ... View more

Question about the NetApp log format compatible wi...

by in All Apps and Add-ons
‎01-29-2015 06:41 AM
‎01-29-2015 06:41 AM
Hello, I'm having trouble to read the NetApp CIFS Audit logs with the NetApp StorageGRID App for SPlunk. I'm using the standard CIFS audit log configuration settings recommended by NetApp in the Filer: FAS2020-F1> options cifs.audit cifs.audit.account_mgmt_events.enable off cifs.audit.autosave.file.extension timestamp cifs.audit.autosave.file.limit 20 cifs.audit.autosave.onsize.enable on cifs.audit.autosave.onsize.threshold 75% cifs.audit.autosave.ontime.enable off cifs.audit.autosave.ontime.interval 1d cifs.audit.enable on cifs.audit.file_access_events.enable on cifs.audit.liveview.allowed_users cifs.audit.liveview.enable off cifs.audit.logon_events.enable off cifs.audit.logsize 5000000 cifs.audit.nfs.enable off cifs.audit.nfs.filter.filename cifs.audit.saveas /vol/vol0/Share/CIFS_Audit/CIFS_Audit_log.evt I have too a shared folder in the filer to access to the logs from the Splunk Server side. But the log files generated by the NetApp Filer are in "Windows Event" format and seems that the StorageGRID App can't process them. I have seen too in the StorageGRID App folder an example log that it's in a text format that I can't match like a CSV file. What are the log format types supported by the StorageGRID App? If they are not in the native format used by the NetApp FIler, what is your preferred method to convert them to be compatible with StorageGRID App? Thanks, Joseph Lopez ... View more
Contact Me
Online Status
Offline
Date Last Visited
‎06-05-2020 02:04 AM