Appendix – Configuration Files Auditing
The main purpose of this feature is to allow users to track changes made to selected configuration files. When activating the feature, all the changes are reflected in specific log files which contain information about the changes and when they took place.
To activate this feature:
In TrackConfig section in gv.cfg, file value of track_config key should be set to true and value of track_conf_files key should contain a comma-separated list of defined conf files to be tracked.
By default – ALL conf-files are tracked. To activate the feature, after track_config key is set to true, the UFM server should be restarted.
Example:
[TrackConfig]
# track config files changes
track_config = true
# Could be selected options (comaseparated) UFM, SM, SHARP, Telemetry. Or ALL for
all the files.
track_conf_files = ALL
Alternatively, you may run the command "ufm track-conf-changes enable."
The below lists the configuration files that can be tracked:
Conf File Alias |
Configuration Files |
UFM |
conf/gv.cfg |
SM |
conf/opensm/opensm.conf |
SHARP |
conf/sharp2/sharp_am.cfg |
Telemetry |
conf/telemetry/launch_ibdiagnet_config.ini |
ALL |
All the above configuration files. |
Once the feature is activated and the UFM server is restarted, the UFM generates file which list the changes made in each of the tracked conf files. These files are located in the auditing folder which is part of the UFM sys-dump. The file naming convention is as follows: original conf file name with audit.log suffix.
Example: For gv.cfg, the name of the changes-tracking file is gv.cfg.audit.log. Changes are stored in auditing files in “linux diff”-like format.
Example:
cat /opt/ufm/files/auditing/gv.cfg.audit.log
=== Change occurred at 2022
-07
-24
07
:31
:48.679247
===
---
+++
@@ -45
,7
+45
,7
@@
mon_mode_discovery_period = 60
check_interface_retry = 5
# The number of times to try
if
the InfiniBand fabric interface
is down. The duration of each retry is 1
second.
-ibport_check_retries = 90
+ibport_check_retries = 92
ws_address = UNDEFINED
ws_port = 8088
ws_protocol = https