vserver security trace filter show

Contributors

Display a security trace entry

Availability: This command is available to cluster and Vserver administrators at the admin privilege level.

Description

The vserver security trace filter show command displays information about security trace filter entries. Prior to Data ONTAP 9.3, this feature was only supported for CIFS. In Data ONTAP 9.3 and later, this feature is supported for both NFS and CIFS.

The vserver security trace filter show command is not supported for Vservers with Infinite Volume.

NFS security trace filters are not supported for FlexGroup volumes, and will only be applied to the FlexVol volumes within the specified Vserver.

Parameters

{ [-fields <fieldname>,…​]

If you specify the -fields <fieldname>, …​ parameter, the command output also includes the specified field or fields. You can use '-fields ?' to display the fields to specify.

| [-instance ] }

If you specify the -instance parameter, the command displays detailed information about all fields.

[-vserver <vserver name>] - Vserver

If you specify this parameter, the command displays permission tracing information only for filters applied to the specified Vserver.

[-index <integer>] - Filter Index

If you specify this parameter, the command displays permission tracing information only for filters with the specified filter index number.

[-protocols {cifs|nfs}] - Protocols

If you specify this parameter, the command displays permission tracing information only for filters applied to the specified protocols.

[-client-ip <IP Address>] - Client IP Address to Match

If you specify this parameter, the command displays permission tracing information only for filters applied to the specified client IP address.

[-path <TextNoCase>] - Path

If you specify this parameter, the command displays permission tracing information only for filters applied to the specified path.

[-windows-name <TextNoCase>] - Windows User Name

If you specify this parameter, the command displays permission tracing information only for filters applied to the specified Windows user name.

[-unix-name <TextNoCase>] - UNIX User Name or User ID

If you specify this parameter, the command displays permission tracing information only for filters applied to the specified UNIX user name or user ID(for NFS specififc filters).

[-trace-allow {yes|no}] - Trace Allow Events

If you specify this parameter, the command displays information only about events that either trace or do not trace allow events, depending on the value provided.

[-enabled {enabled|disabled}] - Filter Enabled

If you specify this parameter, the command displays information only about filters that either are enabled or disabled, depending on the value provided.

[-time-enabled <integer>] - Minutes Filter is Enabled

If you specify this parameter, the command displays information only about filters that are disabled after the specified minutes.

Examples

The following example displays security trace filters for Vserver vserver1 .

cluster1::> vserver security trace filter show
Vserver  Index   Client-IP     Path          Trace-Allow Windows-Name  Protocol
-------- ----- ------------ ---------------- ----------- ------------- --------
vserver1 1     -            -                no          domain\user   cifs
vserver1 2     192.168.2.3  -                yes         -             cifs
vserver1 3     -            /dir1/dir2/file  no          domain\       cifs
                                                         administrator
vserver1 4     -            file             yes         -             nfs
4 entries were displayed.