Is there a way to do some sort of audit logging for users attempts, failures, successes, time stamp and pipe that Splunk for tracking? Any insights appreciated, thank you.
You can setup SNM2 audit logging to an external syslog. I haven't worked with splunk, but I imagine you can either import this data directly into splunk, or export to a syslog and import into splunk. The HUS Operations Guide covers audit logging.
Unified Storage Operations Guide - Hitachi Data Systems Knowledge
How Splunk Enterprise handles syslog data over UDP - Splunk Documentation
Syslog - TCP/UDP
Splunk Enterprise can listen on a TCP or UDP port for data coming from the syslog service on one or more machines. You can get syslog data from these hosts for easy searching, reporting and alerting.
hey rseldner, thank you for the input, i'll look into it. Never worked with Splunk as well but your directions does make sense. I'll provide some feedback after... thanks again.
Retrieving data ...