By William Pijewski on Nov 10, 2008
As I described in my earlier blog entry on kiosk users, our team has been in contact with evaluation and beta customers to understand the problems they face as storage administrators. These administrators are responsible for the security of the storage infrastructure, and must understand how and why changes are made to the storage configuration. Many IT departments use a centralized ticket management system to manage open issues and requests. When a storage consumer reports a problem and requests some configuration change, that user is given a unique identifier to track the issue in this database. The ticket database contains all the details of the request, like the person requesting the change, the date and time of the request, which administrator will make the change, and the current status of the change.
One of our larger beta customers requested the ability to tag the audit log with a user-defined string which annotates that particular session. Certain users, upon logging in, must provide a session annotation:
Then, that annotation is saved with every audit record generated in that session. Users who are required to indicate this annotation may change their annotations in the middle of the session, but can never provide an empty session annotation:
Customers who have a centralized ticket management system can have their administrators provide the ticket identifier upon logging in. With those annotations, the auditors who examine the audit log gain a richer understanding of those actions, as each audit record can be correlated with the information in the database.