File Auditing for Domino on AIX

If you run Domino on AIX this is a really cool technote

Problem
There are specific scenarios were external debug is needed to help troubleshooting Domino issues.
 
Symptom
There are specific scenarios were external debug is needed to help troubleshooting Domino issues.

1. Suspected 3rd party task accessing Domino data

2, Unexplained change of OS level ownership/permissions on Domino file

3. Unexplained zero bytes size for Domino file

4. Unexplained Domino data corruption

5 Undocumented Domino file rename at OS level

6. Undocumented Domino file deletion

The technote goes on to explain how to set up the AIX “Audit” tool to monitor changes to files at the operating system level.  Think someone is logging in and touching your notes.ini file… audit it, any other key files (names.nsf, admin4.nsf, critical application database) that you want to make sure is not being touched by anyone outside of Domino.. audit it.

I can think of a few instances this would have been useful to have in place on a server.  The only downside is you have to set up “Audit” to specifically track a file, so while you might not audit every file on a Domino server starting with notes.ini and names.nsf might be a good idea.

The technote also warns you:

NOTE: Since the audit tool in this example will be documenting every read/write event for names.nsf, this output can be extremely verbose.

so make sure you have enough disk space, and understand how to purge out the audit logs before they fill up your disk.

Technote 1445939: Using "Audit" on AIX to monitor Domino files

Sorry, comments are closed for this post.