[Samba] samba file access rate limiting
Petr
info at admin.jevklidu.cz
Tue Dec 6 12:44:09 UTC 2022
Hello,
I have one share with sensitive data and there is many employees with
access to that share. I need to ban users trying to copy files from
share to other place but users normally editing files left without any
restriction.
I want to set proper logging and set fail2ban to ban user accessing too
many files in some time limit.
I have not find solution how to set samba to log every file access. The
current configuration snippet is below.
vfs objects = full_audit
full_audit:prefix = %u|%I
full_audit:success = create_file
Problem is that it logs directory access too and sometimes it generates
many duplicite lines and it will be hard to define correct regex for
fail2ban.
Do you have any advice how to properly set file reading logging?
Thank you
Petr
More information about the samba
mailing list