Verifying Selective Auditing of Operations

After you set up the list of operations to include and/or exclude from auditing, you can retrieve and verify the list of included and/or excluded operations using the maprcli volume info command. When you run the volume info command, the output will show the list of operations:

  • Excluded (disableddataauditoperations) from auditing.
  • Included (enableddataauditoperations) for auditing.

Example

The following example shows how to retrieve and verify the list of operations that are:

  • Excluded from auditing
  • Included for auditing
maprcli volume info -name test-volume -path /test/test-volume -json

Output

{
    "timestamp":1435182867317,
    "timeofday":"2016-01-10 02:54:27.317 GMT-0700",
    "status":"OK",
    "total":1,
    "data":[
        {
            "acl":{
                "Principal":"User mapr",
                "Allowed actions":[
                    "dump",
                    "restore",
                    "m",
                    "a",
                    "d",
                    "fc"
                ]
            },
            "creator":"mapr",
            "aename":"mapr",
            ...
            "enableddataauditoperations":"getattr,setattr,chown,chperm,chgrp,getxattr,listxattr,setxattr,removexattr,read,write,create,delete,readdir,rmdir,createsym,lookup,rename,createdev,truncate,tablecfcreate,tablecfdelete,tablecfmodify,tablecfScan,tableget,tableput,tablescan,tablecreate,tableinfo,tablemodify,getperm",
            "disableddataauditoperations":"mkdir",
            ...
            "ReplTypeConversionInProgress":"0"
        }
    ]
}