vserver fpolicy policy show
Display policy configuration
Availability: This command is available to cluster and Vserver administrators at the admin privilege level.
Description
The vserver fpolicy policy show
command displays information about all FPolicy policies belonging to the Vserver. Any Vserver administrator can see FPolicy policies associated with their Vserver as well as policies created by the cluster administrator. The command output depends on the parameter or parameters specified with the command. If you do not specify any parameters, the command displays the following information about all FPolicy policies:
-
Vserver name
-
Policy name
-
Events to monitor
-
FPolicy engine
-
Is mandatory screening required
-
Allow privileged access
-
User name for privileged access
You can specify the -fields
parameter to specify which fields of information to display about FPolicy policies. You can specify additional parameters to display only information that matches those parameters. For example, to display information only about FPolicy policies where the FPolicy server requires privileged access, run the command with the -fields
parameter set to policy-name (no "-") and -allow-privileged-access
parameter set to yes
.
You can specify the -instance
parameter to display all information for all policies in the list form.
Parameters
- {
[-fields <fieldname>,…]
-
If you specify the -fields <fieldname>, … parameter, the command only displays the fields that you specify.
- |
[-instance ]
} -
If you specify the -instance parameter, the command displays detailed information about all entries.
[-vserver <Vserver Name>]
- Vserver-
If you specify this parameter, the command displays information only about the FPolicy policies for the specified Vserver. FPolicy policies created by the cluster administrator are visible for all Vservers.
[-policy-name <Policy name>]
- Policy-
If you specify this parameter, the command displays information only about the FPolicy policy that you specify.
[-events <Event name>,…]
- Events to Monitor-
If you specify this parameter, the command displays information only about the FPolicy policy or policies that use the specified event or events.
[-engine <Engine name>]
- FPolicy Engine-
If you specify this parameter, the command displays information only about the FPolicy policy or policies that use the specified engine.
[-is-mandatory {true|false}]
- Is Mandatory Screening Required-
If you specify this parameter, the command displays information only about the FPolicy policy or policies that use the specified mandatory attribute.
[-allow-privileged-access {yes|no}]
- Allow Privileged Access-
If you specify this parameter, the command displays information only about the FPolicy policy or policies that use the specified privileged access.
[-privileged-user-name <text>]
- User Name for Privileged Access-
If you specify this parameter, the command displays information only about the FPolicy policy or policies that use the specified privileged user name.
[-is-passthrough-read-enabled {true|false}]
- Is Passthrough Read Enabled-
If you specify this parameter, the command displays information only about the FPolicy policies that use the specified passthrough-read setting.
[-persistent-store <text>]
- Persistent Store Name-
This parameter specifies persistent storage name. This can then be used for enabling the Peristent mode for Fpolicy events.
Examples
The following example displays the information about FPolicy policies on the cluster using the vserver fpolicy policy show
command.
cluster1::> vserver fpolicy policy show Vserver Policy Events Engine Is Mandatory PrivAccess --------------- ----------- ---------- ------------- ------------ ---------- Cluster cserver_pol cserver_ cserver_eng true yes evt vs1.example.com p r n true no vs1.example.com cserver_pol cserver_ cserver_eng true yes evt vs2.example.com cserver_pol cserver_ cserver_eng true yes evt 4 entries were displayed.
The following example displays FPolicy policy name information about all Vserver FPolicy policies with the -allow-privileged-access
parameter set to "yes".
cluster1::> vserver fpolicy policy show -fields policy-name -allow-privileged-access yes vserver policy-name --------------- ----------- Cluster cserver_pol vs1.example.com cserver_pol vs2.example.com cserver_pol 3 entries were displayed.