We are receiving the following message :
Unable to send SMF 119 record to monitor socket "/var/log/cozsftp.smf.sock" - EDC5129I No such file or directory. (errno2=0x053B006C)
User not authorized to BPX.SMF class; SMF recording disabled
The reason is that we don't allow a blanket READ access to BPX.SMF but rather BPX.SMF.119 and specific sub types:
RDEF FACILITY BPX.SMF.119.94 UACC(NONE) OWNER(##GRS) +
AUDIT(FAILURES(READ))
PE BPX.SMF.119.94 CLASS(FACILITY) ID(*) ACCESS(READ)
RDEF FACILITY BPX.SMF.119.95 UACC(NONE) OWNER(##GRS) +
AUDIT(FAILURES(READ))
PE BPX.SMF.119.95 CLASS(FACILITY) ID(*) ACCESS(READ)
RDEF FACILITY BPX.SMF.119.96 UACC(NONE) OWNER(##GRS) +
AUDIT(FAILURES(READ))
PE BPX.SMF.119.96 CLASS(FACILITY) ID(*) ACCESS(READ)
RDEF FACILITY BPX.SMF.119.97 UACC(NONE) OWNER(##GRS) +
AUDIT(FAILURES(READ))
PE BPX.SMF.119.97 CLASS(FACILITY) ID(*) ACCESS(READ)
SETROPTS RACLIST (FACILITY) REFRESH
Will CO:Z allow more granular control of SMF as OpenSSH's SFTP server allows? As of the latest version of CO:Z this is not supported.
SMF 119 Records Issue
Re: SMF 119 Records Issue
This is a debugging message:
[D] Unable to send SMF 119 record to monitor socket "/var/log/cozsftp.smf.sock" - EDC5129I No such file or directory. (errno2=0x053B006C)
which means that you don't have a customer-written real time monitoring program.
This is an informational level message:
User not authorized to BPX.SMF class; SMF recording disabled
which is misleading now, since BPX.SMF can be granted by record/subtype, so we will be cleaning up these message and the documentation in an upcoming release.
For now:
- if you grant BPX.SMF.119.3 and BPX.SMF.119.70, then you will get client and server file transfer completion recording for SMF.
- you should also grant SMF SMF119 subtype 192 and 193 to get info and higher logging messages from Co:Z SFTP. If you don't grant these, then you will get the above message, but the 3 and 70 subtypes will still be recorded.
For more information on CO:Z SFTP SMF recording, see: https://dovetail.com/docs/sftp/smf-support.html
[D] Unable to send SMF 119 record to monitor socket "/var/log/cozsftp.smf.sock" - EDC5129I No such file or directory. (errno2=0x053B006C)
which means that you don't have a customer-written real time monitoring program.
This is an informational level message:
User not authorized to BPX.SMF class; SMF recording disabled
which is misleading now, since BPX.SMF can be granted by record/subtype, so we will be cleaning up these message and the documentation in an upcoming release.
For now:
- if you grant BPX.SMF.119.3 and BPX.SMF.119.70, then you will get client and server file transfer completion recording for SMF.
- you should also grant SMF SMF119 subtype 192 and 193 to get info and higher logging messages from Co:Z SFTP. If you don't grant these, then you will get the above message, but the 3 and 70 subtypes will still be recorded.
For more information on CO:Z SFTP SMF recording, see: https://dovetail.com/docs/sftp/smf-support.html
Re: SMF 119 Records Issue
Thank you for the detailed response.