• Home
  • History
  • Annotate
  • Line#
  • Navigate
  • Raw
  • Download
  • only in /asuswrt-rt-n18u-9.0.0.4.380.2695/release/src-rt-6.x.4708/router/samba-3.5.8/docs/htmldocs/manpages/
1<html><head><meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"><title>smb_traffic_analyzer</title><link rel="stylesheet" href="../samba.css" type="text/css"><meta name="generator" content="DocBook XSL Stylesheets V1.74.0"></head><body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="refentry" lang="en"><a name="vfs_smb_traffic_analyzer.8"></a><div class="titlepage"></div><div class="refnamediv"><h2>Name</h2><p>vfs_smb_traffic_analyzer &#8212; log Samba VFS read and write operations through a socket
2	to a helper application</p></div><div class="refsynopsisdiv"><h2>Synopsis</h2><div class="cmdsynopsis"><p><code class="literal">vfs objects = smb_traffic_analyzer</code></p></div></div><div class="refsect1" lang="en"><a name="id2522906"></a><h2>DESCRIPTION</h2><p>This VFS module is part of the
3	<a class="citerefentry" href="samba.7.html"><span class="citerefentry"><span class="refentrytitle">samba</span>(7)</span></a> suite.</p><p>The <code class="literal">vfs_smb_traffic_analyzer</code> VFS module logs
4	client write and read operations on a Samba server and sends this data
5	over a socket to a helper program, which feeds a SQL database. More
6	information on the helper programs can be obtained from the
7	homepage of the project at:
8	http://holger123.wordpress.com/smb-traffic-analyzer/
9	</p><p><code class="literal">vfs_smb_traffic_analyzer</code> currently is aware
10	of the following VFS operations:</p><table class="simplelist" border="0" summary="Simple list"><tr><td>write</td></tr><tr><td>pwrite</td></tr><tr><td>read</td></tr><tr><td>pread</td></tr></table><p><code class="literal">vfs_smb_traffic_analyzer</code> sends the following data
11	in a fixed format seperated by a comma through either an internet or a
12	unix domain socket:</p><pre class="programlisting">
13	BYTES|USER|DOMAIN|READ/WRITE|SHARE|FILENAME|TIMESTAMP
14	</pre><p>Description of the records:
15
16	</p><div class="itemizedlist"><ul type="disc"><li><p><code class="literal">BYTES</code> - the length in bytes of the VFS operation</p></li><li><p><code class="literal">USER</code> - the user who initiated the operation</p></li><li><p><code class="literal">DOMAIN</code> - the domain of the user</p></li><li><p><code class="literal">READ/WRITE</code> - either "W" for a write operation or "R" for read</p></li><li><p><code class="literal">SHARE</code> - the name of the share on which the VFS operation occured</p></li><li><p><code class="literal">FILENAME</code> - the name of the file that was used by the VFS operation</p></li><li><p><code class="literal">TIMESTAMP</code> - a timestamp, formatted as "yyyy-mm-dd hh-mm-ss.ms" indicating when the VFS operation occured</p></li></ul></div><p>
17
18	</p><p>This module is stackable.</p></div><div class="refsect1" lang="en"><a name="id2483552"></a><h2>OPTIONS</h2><div class="variablelist"><dl><dt><span class="term">smb_traffic_analyzer:mode = STRING</span></dt><dd><p>If STRING matches to "unix_domain_socket", the module will
19		use a unix domain socket located at /var/tmp/stadsocket, if
20		STRING contains an different string or is not defined, the module will
21		use an internet domain socket for data transfer.</p></dd><dt><span class="term">smb_traffic_analyzer:host = STRING</span></dt><dd><p>The module will send the data to the system named with
22		the hostname STRING.</p></dd><dt><span class="term">smb_traffic_analyzer:port = STRING</span></dt><dd><p>The module will send the data using the TCP port given
23		in STRING.
24		</p></dd><dt><span class="term">smb_traffic_analyzer:anonymize_prefix = STRING</span></dt><dd><p>The module will replace the user names with a prefix
25		given by STRING and a simple hash number.
26		</p></dd><dt><span class="term">smb_traffic_analyzer:total_anonymization = STRING</span></dt><dd><p>If STRING matches to 'yes', the module will replace
27		any user name with the string given by the option 
28		smb_traffic_analyzer:anonymize_prefix, without generating
29		an additional hash number. This means that any transfer data
30		will be mapped to a single user, leading to a total 
31		anonymization of user related data.</p></dd></dl></div></div><div class="refsect1" lang="en"><a name="id2483644"></a><h2>EXAMPLES</h2><p>The module running on share "example_share", using a unix domain socket</p><pre class="programlisting">
32	<em class="parameter"><code>[example_share]</code></em>
33	<a class="link" href="smb.conf.5.html#PATH" target="_top">path = /data/example</a>
34	<a class="link" href="smb.conf.5.html#VFSOBJECTS" target="_top">vfs objects = smb_traffic_analyzer</a>
35	<a class="link" href="smb.conf.5.html#SMB_TRAFFIC_ANALYZER:MODE" target="_top">smb_traffic_analyzer:mode = unix_domain_socket</a>
36	</pre><p>The module running on share "example_share", using an internet socket,
37	connecting to host "examplehost" on port 3491.</p><pre class="programlisting">
38	<em class="parameter"><code>[example_share]</code></em>
39	<a class="link" href="smb.conf.5.html#PATH" target="_top">path = /data/example</a>
40	<a class="link" href="smb.conf.5.html#VFSOBJECTS" target="_top">vfs objects = smb_traffic_analyzer</a>
41	<a class="link" href="smb.conf.5.html#SMB_TRAFFIC_ANALYZER:HOST" target="_top">smb_traffic_analyzer:host = examplehost</a>
42	<a class="link" href="smb.conf.5.html#SMB_TRAFFIC_ANALYZER:PORT" target="_top">smb_traffic_analyzer:port = 3491</a>
43	</pre><p>The module running on share "example_share", using an internet socket,
44	connecting to host "examplehost" on port 3491, anonymizing user names with
45	the prefix "User".</p><pre class="programlisting">
46	<em class="parameter"><code>[example_share]</code></em>
47	<a class="link" href="smb.conf.5.html#PATH" target="_top">path = /data/example</a>
48	<a class="link" href="smb.conf.5.html#VFSOBJECTS" target="_top">vfs objects = smb_traffic_analyzer</a>
49	<a class="link" href="smb.conf.5.html#SMB_TRAFFIC_ANALYZER:HOST" target="_top">smb_traffic_analyzer:host = examplehost</a>
50	<a class="link" href="smb.conf.5.html#SMB_TRAFFIC_ANALYZER:PORT" target="_top">smb_traffic_analyzer:port = 3491</a>
51	<a class="link" href="smb.conf.5.html#SMB_TRAFFIC_ANALYZER:ANONYMIZE_PREFIX" target="_top">smb_traffic_analyzer:anonymize_prefix = User</a>
52	</pre></div><div class="refsect1" lang="en"><a name="id2481591"></a><h2>VERSION</h2><p>This man page is correct for version 3.3 of the Samba suite.
53	</p></div><div class="refsect1" lang="en"><a name="id2481602"></a><h2>AUTHOR</h2><p>The original Samba software and related utilities
54	were created by Andrew Tridgell. Samba is now developed
55	by the Samba Team as an Open Source project similar
56	to the way the Linux kernel is developed.</p><p>The original version of the VFS module and the
57	helper tools were created by Holger Hetterich.</p></div></div></body></html>
58