Purpose
Auditing is a great way to track security-relevant information regarding your storage. A successful security auditing policy will help you deeply understand several aspects and answering a lot of questions, such as
...
Is there any huge suspicious amount of failed logins?
Resolution
We support couple of methods based on your needs:
...
8- The below command is very useful in the above step, for example we can check the most used executable:
Then you can exclude the desire command or whatever using an exclude rule in your auditd rules files
II- Samba VFS:
Another KB article was created [SoftNAS KB]: Samba Shares audit logging is illustrating in details how to use Stackable VFS (Virtual File System) to audit samba
Update History
05-26-2017 | Template Created |
|