Enable total anonymization in vfs_smb_traffic_analyzer, by mapping any user names...
[Samba/ekacnet.git] / docs-xml / manpages-3 / vfs_smb_traffic_analyzer.8.xml
blob3a16b612100d7f228d69e77832ce305f0d79023e
1 <?xml version="1.0" encoding="iso-8859-1"?>
2 <!DOCTYPE refentry PUBLIC "-//Samba-Team//DTD DocBook V4.2-Based Variant V1.0//EN" "http://www.samba.org/samba/DTD/samba-doc">
3 <refentry id="vfs_smb_traffic_analyzer.8">
5 <refmeta>
6         <refentrytitle>smb_traffic_analyzer</refentrytitle>
7         <manvolnum>8</manvolnum>
8         <refmiscinfo class="source">Samba</refmiscinfo>
9         <refmiscinfo class="manual">System Administration tools</refmiscinfo>
10         <refmiscinfo class="version">3.3</refmiscinfo>
11 </refmeta>
14 <refnamediv>
15         <refname>vfs_smb_traffic_analyzer</refname>
16         <refpurpose>log Samba VFS read and write operations through a socket
17         to a helper application</refpurpose>
18 </refnamediv>
20 <refsynopsisdiv>
21         <cmdsynopsis>
22                 <command>vfs objects = smb_traffic_analyzer</command>
23         </cmdsynopsis>
24 </refsynopsisdiv>
26 <refsect1>
27         <title>DESCRIPTION</title>
29         <para>This VFS module is part of the
30         <citerefentry><refentrytitle>samba</refentrytitle>
31         <manvolnum>7</manvolnum></citerefentry> suite.</para>
33         <para>The <command>vfs_smb_traffic_analyzer</command> VFS module logs
34         client write and read operations on a Samba server and sends this data
35         over a socket to a helper program, which feeds a SQL database. More
36         information on the helper programs can be obtained from the
37         homepage of the project at:
38         http://holger123.wordpress.com/smb-traffic-analyzer/
39         </para>
40         <para><command>vfs_smb_traffic_analyzer</command> currently is aware
41         of the following VFS operations:</para>
43         <simplelist>
44         <member>write</member>
45         <member>pwrite</member>
46         <member>read</member>
47         <member>pread</member>
48         </simplelist>
50         <para><command>vfs_smb_traffic_analyzer</command> sends the following data
51         in a fixed format seperated by a comma through either an internet or a
52         unix domain socket:</para>
53         <programlisting>
54         BYTES|USER|DOMAIN|READ/WRITE|SHARE|FILENAME|TIMESTAMP
55         </programlisting>
57         <para>Description of the records:
59         <itemizedlist>
60         <listitem><para><command>BYTES</command> - the length in bytes of the VFS operation</para></listitem>
61         <listitem><para><command>USER</command> - the user who initiated the operation</para></listitem>
62         <listitem><para><command>DOMAIN</command> - the domain of the user</para></listitem>
63         <listitem><para><command>READ/WRITE</command> - either "W" for a write operation or "R" for read</para></listitem>
64         <listitem><para><command>SHARE</command> - the name of the share on which the VFS operation occured</para></listitem>
65         <listitem><para><command>FILENAME</command> - the name of the file that was used by the VFS operation</para></listitem>
66         <listitem><para><command>TIMESTAMP</command> - a timestamp, formatted as "yyyy-mm-dd hh-mm-ss.ms" indicating when the VFS operation occured</para></listitem>
67         </itemizedlist>
69         </para>
71         <para>This module is stackable.</para>
73 </refsect1>
76 <refsect1>
77         <title>OPTIONS</title>
79         <variablelist>
81                 <varlistentry>
82                 <term>smb_traffic_analyzer:mode = STRING</term>
83                 <listitem>
84                 <para>If STRING matches to "unix_domain_socket", the module will
85                 use a unix domain socket located at /var/tmp/stadsocket, if
86                 STRING contains an different string or is not defined, the module will
87                 use an internet domain socket for data transfer.</para>
89                 </listitem>
90                 </varlistentry>
93                 <varlistentry>
94                 <term>smb_traffic_analyzer:host = STRING</term>
95                 <listitem>
96                 <para>The module will send the data to the system named with
97                 the hostname STRING.</para>
99                 </listitem>
100                 </varlistentry>
102                 <varlistentry>
103                 <term>smb_traffic_analyzer:port = STRING</term>
104                 <listitem>
105                 <para>The module will send the data using the TCP port given
106                 in STRING.
107                 </para>
108                 </listitem>
109                 </varlistentry>
110                 <varlistentry>
111                 <term>smb_traffic_analyzer:anonymize_prefix = STRING</term>
112                 <listitem>
113                 <para>The module will replace the user names with a prefix
114                 given by STRING and a simple hash number.
115                 </para>
117                 </listitem>
118                 </varlistentry>
120                 <varlistentry>
121                 <term>smb_traffic_analyzer:total_anonymization = STRING</term>
122                 <listitem>
123                 <para>If STRING matches to 'yes', the module will replace
124                 any user name with the string given by the option 
125                 smb_traffic_analyzer:anonymize_prefix, without generating
126                 an additional hash number. This means that any transfer data
127                 will be mapped to a single user, leading to a total 
128                 anonymization of user related data.</para>
129                 </listitem>
130                 </varlistentry>
132         </variablelist>
133 </refsect1>
135 <refsect1>
136         <title>EXAMPLES</title>
138         <para>The module running on share "example_share", using a unix domain socket</para>
139         <programlisting>
140         <smbconfsection name="[example_share]"/>
141         <smbconfoption name="path">/data/example</smbconfoption>
142         <smbconfoption name="vfs objects">smb_traffic_analyzer</smbconfoption>
143         <smbconfoption name="smb_traffic_analyzer:mode">unix_domain_socket</smbconfoption>
144         </programlisting>
146         <para>The module running on share "example_share", using an internet socket,
147         connecting to host "examplehost" on port 3491.</para>
148         <programlisting>
149         <smbconfsection name="[example_share]"/>
150         <smbconfoption name="path">/data/example</smbconfoption>
151         <smbconfoption name="vfs objects">smb_traffic_analyzer</smbconfoption>
152         <smbconfoption name="smb_traffic_analyzer:host">examplehost</smbconfoption>
153         <smbconfoption name="smb_traffic_analyzer:port">3491</smbconfoption>
154         </programlisting>
156         <para>The module running on share "example_share", using an internet socket,
157         connecting to host "examplehost" on port 3491, anonymizing user names with
158         the prefix "User".</para>
159         <programlisting>
160         <smbconfsection name="[example_share]"/>
161         <smbconfoption name="path">/data/example</smbconfoption>
162         <smbconfoption name="vfs objects">smb_traffic_analyzer</smbconfoption>
163         <smbconfoption name="smb_traffic_analyzer:host">examplehost</smbconfoption>
164         <smbconfoption name="smb_traffic_analyzer:port">3491</smbconfoption>
165         <smbconfoption name="smb_traffic_analyzer:anonymize_prefix">User</smbconfoption>
166         </programlisting>
167 </refsect1>
169 <refsect1>
170         <title>VERSION</title>
171         <para>This man page is correct for version 3.3 of the Samba suite.
172         </para>
173 </refsect1>
175 <refsect1>
176         <title>AUTHOR</title>
178         <para>The original Samba software and related utilities
179         were created by Andrew Tridgell. Samba is now developed
180         by the Samba Team as an Open Source project similar
181         to the way the Linux kernel is developed.</para>
183         <para>The original version of the VFS module and the
184         helper tools were created by Holger Hetterich.</para>
185 </refsect1>
187 </refentry>