[gpfsug-discuss] file auditing capabilities (Eric Ross)

[Carl Zetie]

Disclaimer: all statements about future functionality are subject to change, and represent intentions only. 

That being said: Yes, we are working on File Audit Logging native to Spectrum Scale. The intention is to provide auditing capabilities in a protocol agnostic manner that will capture not only audit events that come through protocols but also GPFS/Scale native file system access events.  The audit logs are written to a specified GPFS/Scale fileset in a format that is both human=-readable and easily parsable for automated consumption, reporting, or whatever else you might want to do with it. Currently, we intend to release this capability with Scale 5.0.
    
The underlying technology for this is indeed LWE, which as some of you know is also underneath some other Scale features. The use of LWE allows us to do auditing very efficiently to minimize performance impact while also allowing scalability. We do not at this time have plans to expose LWE directly for end-user consumption -- it needs to be "packaged" in a more consumable way in order to be generally supportable. However, we do have intentions to expose other functionality on top of the LWE capability in the future. 
   
   
   
Carl Zetie
Offering Manager for Spectrum Scale, IBM
    
(540) 882 9353 ][ Research Triangle Park
 carlz at us.ibm.com