Overview of EMC Isilon auditing

Isilon is a network-attached storage platform from Dell EMC, running the proprietary OneFS operating system. ADAudit Plus can track file accesses and modifications made in Dell EMC Isilon storage in real time, and detect anomalous activity using its user behavior analytics (UBA) engine.

Benefits of auditing EMC Isilon storage using ADAudit Plus

ManageEngine ADAudit Plus offers several advantages over native tools when auditing EMC file clusters. It can:

• Track successful and failed file read, write, create, delete, modify, move, rename, and delete events.
• Provide information on who made the change, to which file, when, and from where on a user-friendly interface unlike native tools, which rely on command-line interface.
• List the Access Control List (ACL) values before and after a permission change.
• Maintain a unified audit trail of all file activities across multiple servers.
• Trigger instant alerts when anomalous file activities are detected.
• Deliver detailed, out-of-the-box audit reports for regulatory compliances such as HIPAA, SOX, GDPR, PCI DSS, ISO 27001, FISMA, GLBA, and more.

Supported versions

OneFS OS versions 7.0 and above.

Audited events

ADAudit Plus audits every successful and failed attempt to perform these file activities:

• Create
• Read
• Modify
• Write
• Delete
• Move
• Change file permissions (with information on the permission settings before and after the change)

This guide provides steps on configuring real-time change auditing for your EMC Isilon cluster using ADAudit Plus.