Good afternoon folks! We have a scenario where we want to capture in elasticsearch the file accessed, modified, and create times for every file in the system (and there's millions of files on the filesystem and about 600 TB of data). We were looking at the samba logs, and they spit out some information on files, but the format of the logs is not easily machine parsable to form a reliable feed to elasticsearch of file info. Thus we started looking at the audit logs. *But I think at one point Martin Schewnke mentioned that enabling logging can have a detrimental effect on performance. I didn't know if this applied as well to audit logs? Does turning on samba audit logs have a detrimental effect?* -- BOB BUCK SENIOR PLATFORM SOFTWARE ENGINEER SKIDMORE, OWINGS & MERRILL 7 WORLD TRADE CENTER 250 GREENWICH STREET NEW YORK, NY 10007 T (212) 298-9624 ROBERT.BUCK at SOM.COM
Am 08.06.21 um 20:41 schrieb Robert Buck via samba:> *But I think at one point Martin Schewnke mentioned that enabling logging > can have a detrimental effect on performance. I didn't know if this applied > as well to audit logs? Does turning on samba audit logs have a detrimental > effect?*well, some audit logging is not the same as generic logging with a high loglevel. The former surely has a certain performance impact, but it's the latter is going to kill performance. Cheers! -slow -- Ralph Boehme, Samba Team https://samba.org/ Samba Developer, SerNet GmbH https://sernet.de/en/samba/ GPG-Fingerprint FAE2C6088A24252051C559E4AA1E9B7126399E46 -------------- next part -------------- A non-text attachment was scrubbed... Name: OpenPGP_signature Type: application/pgp-signature Size: 840 bytes Desc: OpenPGP digital signature URL: <http://lists.samba.org/pipermail/samba/attachments/20210608/e862b80b/OpenPGP_signature.sig>