Skip to main content

Permissions for Dell Isilon/PowerScale Auditing

Before you start creating a monitoring plan to audit your Dell Isilon/PowerScale file storage system, plan for the account that will be used for data collection. See the Configuring Your Dell Isilon/PowerScale Cluster for Auditing section for additional information. The following scenarios are possible:

For manual configuration, ensure the account meets the requirements listed below.

On the target server:

Step 1 – The account must be a member of the local Administrators group.

Step 2 – The account requires Read permissions on the audited shared folders.

Step 3 – The account requires Read permissions on the folder where audit events are logged (/ifs/.ifsvar/audit/)

Step 4 – To connect to Dell Isilon/PowerScale storage cluster, an account must be assigned a custom role (e.g., netwrix_audit) that has the following privileges:

Platform API (ISI_PRIV_LOGIN_PAPI)readonly
Auth (ISI_PRIV_AUTH)readonly
Audit (ISI_PRIV_AUDIT)readonly
Backup (ISI_PRIV_IFS_BACKUP)readonly

NOTE: If you plan to connect to a cluster that works in the compliance mode, the account must meet additional requirements.

Configuring Your Dell Isilon/PowerScale Cluster for Auditing

A Dell Isilon/PowerScale cluster can operate in one of the following modes:

  • Standard or Normal mode
  • Smartlock Enterprise mode
  • Smartlock Compliance mode

For your convenience, Netwrix provides a special shell script for configuring an audited Dell Isilon/PowerScale cluster and granting necessary privileges to the account that is used to collect audit data.

To grant the necessary permissions to Isilon/PowerScale data collecting account manually, you need to perform all steps for manual audit configuration, otherwise the product will not function properly.

See the Normal and Enterprise Modes for Clusters topic for additional information.