Tips for finding Knowledge Articles

  • - Enter just a few key words related to your question or problem
  • - Add Key words to refine your search as necessary
  • - Do not use punctuation
  • - Search is not case sensitive
  • - Avoid non-descriptive filler words like "how", "the", "what", etc.
  • - If you do not find what you are looking for the first time,reduce the number of key words you enter and try searching again.
  • - Minimum supported Internet Explorer version is IE9
Home  >

KB-2874: How to measure the file sizes (*nix systems) for DirectAudit

Auditing and Monitoring Service ,  

21 April,16 at 10:53 PM

Applies to:

Centrify DirectAudit version 3.x

How can the the file sizes be measured (UNIX systems) for Direct Audit?  
Is there a way to capture metrics of the audit from the *nix servers to the collector back to the database for querying?  

There is an internal tool that automates user activity. The way the bandwidth is calculated is by running this tool on a completely separate machine which opens a terminal session with the audited system and sends out commands that mimic a "normal" user's typing speed and activity. 
Once the session starts, Wireshark is used to calculate the bandwidth at which data comes from agent to collector and vice-versa. 
The same steps are also repeated to access communication between the agent and the domain controller.
For this particular test, Wireshark was run on the collector server to calculate the TCP traffic, then using the "conversation statistics" feature of Wireshark, the details regarding was extracted with regard to how much data/packets were sent/received and what the average bandwidth usage was.
Along with the spreadsheet, there are also movie files of the recorded sessions. 
These videos demonstrate the commands issued when using the automation tool.
In the spreadsheet and videos (see attachments and embedded players below), the details of the communication between the "audited system and collector" and "audited system and domain controller" can be seen during the recording of the user activity on the audited system.