Skip to main content
Version: 1.3.0

Storage Integration

FlashBlade/FlashArray Integration

This section describes how to integrate Data Security Essentials with your FlashBlade/FlashArray storage system.

note

FlashBlade sends syslog messages over UDP or TCP, while FlashArray sends audit events exclusively using TCP.

Enabling Data Stream

  1. Log into Console

    SSH into the FlashBlade/FlashArray console

  2. Create Syslog Entry

    For FlashBlade, create a syslog server entry using UDP:

    purelog create –uri udp://<ip-address-of-superna-dses-server> –services data-audit superna-dses-syslog-server

    For FlashArray, create a syslog server entry using TCP:

    purelog syslog create --uri tcp://<ip-address-of-superna-dses-server> --services data-audit superna-dses-syslog-server
  3. Create Audit Policy

    For FlashBlade, create the audit policy:

    purepolicy audit file create superna-dses-syslog-audit –log-targets superna-dses-syslog-server

    For FlashArray, create the audit policy with a different syntax:

    purepolicy audit file create --targets superna-dses-syslog-server superna-dses-syslog-audit
  4. Assign Policy

    For FlashBlade, assign the policy at the file system level:

    purepolicy audit file add superna-dses-syslog-audit –fs <file-system-name>

    For FlashArray, assign the policy at the directory level:

    purepolicy audit file add --dir <directory-name> superna-dses-syslog-audit
  5. Verify Configuration

    Navigate to Settings -> Monitoring to verify the syslog entry Monitoring Syslog Entry

Configuring Windows Auditing Permissions

  1. Access Properties

    Right-click on the file system in Windows Explorer and select Properties

  2. Open Security Settings

    Navigate to the Security tab and click Advanced

  3. Access Auditing Tab

    Go to the Auditing tab and add or edit an entry Auditing Settings

  4. Configure Permissions

    Choose Domain Users as the Principal, set Type to All, and permissions to Full Control Permission Configuration

Adding the Storage Device

  1. Configure Pure Console

    1. Create User
      Navigate to Settings > Users and create a new user named superna

    2. Copy API Token
      Copy the generated API Token that you'll need for Data Security Essentials API Token

  2. Add New Device in Data Security Essentials
    Go to the Inventory list and click + Device FlashBlade Configuration

  3. Configure Device
    Fill in the device details in the form Device Configuration Form

    • Device Name: A descriptive name for your storage device
    • Device Type: Select FlashBlade or FlashArray
    • Description: Information about your device
    • Managed by: Select the appliance that will manage this device
    • API URL: Enter the management interface URL or IP address
    • API Token: Paste the token copied from Pure Console