Ace:Audit Manager User Guide
From Adapt
Overview
The ACE Audit manager is a web-based application that allows for easy auditing of millions of files and terabytes of data. It can perform two types of audits. The first, a file audit will check files in registered directories against stored hashes to ensure files have not been corrupted. The second type of audit, a token audit, will check the stored hashes against a remote Integrity Management Server to ensure nobody has tampered with the stored hashes.
The audit manager keeps extensive logs about the status of each file and any changes that are noticed. Any changes in collections can also be easily monitored through a status report.
Getting Started
The first page you will be greeted with is the status screen. This will likely be located at http://www.your_installation_server.com:8080/ace-am. Your sysadmin or whomever installed the software should be able to give you the URL to the Audit Manager.
If this is your first time using the Audit manager, you will not see any collections listed. See Registering New Collections below for information on registering your files.
- State: Current state of the collection
- Collection Name: Descriptive name of the collection.
- Type: Type of collection, local files, srb, irods, etc
- Total Files: total number of files in a collection. This won't show anything until the first audit has run
- Last Audit: Last file audit on a collection.
Clicking on the name of any collection will show details for the collection. You can close the the details for a collection by clicking the 'x' next to the collections name in the upper left hand of the details window.
- Audit Status: One of the following three options
- Idle : Collection is not in the process of being audited
- File Audit : The integrity of each file in the collection is being checked
- Token Audit : The Audit Manager is checking the integrity of it's database.
- Last Complete Update: The last time a complete file audit was run.
- Directory: The directory being monitored
- Total Monitored Files: Total number of files in the collection, will be empty until the first complete audit runs
The Additional items will be shown if a file audit is in progress.
- Total Files Scanned: How many files have been checked since the audit started
- New Files Found: How many new files were found since the audit started
- Tokens Added: How many tokens for new files were added. This may trail the new files found by a few items until the audit finishes.
- Errors: Total number of errors encountered during this audit.
These items may be shows if a token audit is in progress.
- Total Tokens Scanned: How many file digests have been scanned so far.
- Tokens Validated: How many complete validations of digests have been performed. May trail total tokens by a few items.
- Errors: Number of errors encountered during this audit.
The line of icons listed below a collection can be used to audit, browse, view logs and other stuff with the collection. If an audit is in progress, you may not see all of these listed.
- Audit files in the collection
- Audit tokens in the collection
- Stop an in-progress audit
- Modify collection settings
- Remove a collection
- View the contends of a collection
- View all log entries for a collection
- View report of any missing or corrupt files
Registering New Collections
Registering new collections consists of two parts, first is specifying the directory where your collection resides, and second is configuring any optional settings for accessing your collection.
- From the status screen, click 'Add Collection'.
- Enter the following settings for your collection:
- Collection name: descriptive name for your collection
- Location: Directory where your files are stored (ie, /home/username/Documents)
- Audit Collection: Scan the collection every number of days for new files or looking for bad files. Enter 0 to turn this off
- Storage Type: Where your is stored.
- Press 'Configure Storage' when finished.
- If needed, you may be asked for additional information to access your files. See documentation for the storage types.
- Press 'Save' when finished. You will be returned to the status screen and can now audit your collection.
Local Storage
Files that are available on the Audit Manager server are to be audited. This is NOT the machine that you are running your web browser on. Any directories listed must be locally available on the server. No additional configuration is necessary.
SRB
This driver is for files that are stored on the storage resourge broker. While the Audit Manager can audit files over long distance (UMD to SDSC) this is not recommended and all attempts should be made to run the audit manager close to the SRB so that latency is reduced.
If you already use the S-commands these are the same settings as your .MdasEnv file.
Configuration Settings:
- Server: server address of your mcat (srb.sdsc.edu)
- Port: port number for the mcat, default is 5544, but you may have a different one
- Username: account that is able to read the files you want audited
- Domain: domain for the above account
- Password: password for the above account
- Zone: home zone for the above account/mcat
For additional security, the account that you use to audit files does not need full access to files, but just read access.
iRODS
Configuration Settings:
- Server: iRODS server
- Port: port on irods server
- Username: irods username
- Password: account password
- Zone: Zone your account resides in.
These settings should be the same you use in the irods explorer or your .irodsEnv configuration file.
Auditing Collections
There are several ways the integrity of collections in the Audit Manager are tested. First, is ensuring that no files have changed or gone missing. This scanning can occur manually, ie someone triggers a scan, or automatically, ie scan every 7 days. The second type of auditing involved checking to make sure the Audit Manager's own data is intact. This involves checking the integrity of every stored hash for a collection
Manual File Scanning
Collections or folders in ACE can be audited on demand.
- Collection Audit
- From the Status screen, select the collection you with to audit. In the details box, click the icon to start integrity checking of the entire collection.
- Directory Audit
- From the Status screen, select the collection you with to audit. Click the icon to to open the collection browser. Select the folder you with to audit and click the Audit files link to check every file and directory in that folder.
Periodic File Scanning
Collections in the Audit manager may be periodically scanned to ensure nothing has changed. Setting up the periodic scan is done from the collection management screen.
- When creating a new collection, you can enter how often you wish to audit the collection.
- For existing collections, you can modify their settings. From the status screen, click on the collection you will be auditing and click the icon. You can change your audit frequency and hit save
If you wish to disable automatic auditing, enter '0' for how often to audit the collection.
Hash Validation
Browse Collection
Log Files
The Audit Manager keeps a record of everything that has ever occurred during a files lifetime. This includes every audit of a collection, when files were registered, any time they were found corrupt, etc. Since these logs can grow quite large, there is a method to filter log files based on the type of message, collection, item, and session.
Reading Log Entries
The log window will have a list of log entries. Entries are listed with the oldest entries at the top and newest at the bottom. Each entry shows four items described below:
- Entry ID - number identifying this log entry
- Date - Date and time this log entry occurred.
- Session - Number connecting related entries. All log entries from a particular audit will have the same session number.
- Log type - Type of log entry. Types of log messages
Clicking on any of the log entries will show an expanded view. The expanded view shows details about which item and collection this entry is connected to, along with any message. Most log entries will show some or all of the following:
- Collection - Which collection this log event is attached to.
- Path - Location of affected item within a collection
- Session - Number connecting related log entries
- Event Type: Expanded desription of what occurred. Types of log messages
- Details - details for the event
Clicking on any of the Path, Collection, or Session values will add a filter to show any related log entries.
Log Filters
Status Reports
Comparing Collections
Managing Users
The Audit Manager supports configurable user accounts. Clicking on the 'Accounts' link at the top of the application will show the users window.
Create New User
- Click on the 'Accounts' link at the top of the web page. If any username appears in the 'Username' field, click the clear link.
- Enter a new username and password for the account you want to create.
- Select the appropriate permissions for the user.
- Click 'Save' when finished.
Editing Users
- Click on the Accounts link at the top of the web page.
- Enter a new password, or change permissions for the user.
- Click 'Save' when finished.
User Permissions
- Status - View the status details for any collection
- Modify Collections - Create, modify, or remove collection settings. This includes changing any collection connection information, audit frequency, or directory
- Browse - Browse files in a collection and view details (checksum, last scanned, etc)
- View Log Entries - View any log entries
- Start or Stop Audits - Start or stop a file or token audit
- Remove monitored files/directories - Remove individual files or directories from the audit manager
- Manage Users - Modify, view, or add users
- View Collection Reports - View reports for any collection
- Download Tokens - Download integrity tokens from the browse window for any file.