security anti-ransomware volume attack generate-report
Suggest changes
PDFs
Generates Report File of the Suspected Attack on the Volume
Availability: This command is available to cluster and Vserver administrators at the admin privilege level.
Description
The anti-ransomware volume attack generate-report command copies the report file to the given path. The report file is not an exhaustive list of all suspected files during the attack, since the maximum number of entries allowed per file extension is 20.
Parameters
-vserver <vserver name>- Vserver Name-
This parameter specifies the Vserver on which the volume is located.
-volume <volume name>- Volume Name-
This parameter specifies the name of the volume on which anti-ransomware feature is enabled.
-dest-path <sub dir>- Destination path under the volume to copy the report file-
This parameter specifies the destination junction-path where requested file is to be copied.
Examples
The following example shows sample output for generating report-file of volume copied to its own destination junction path.
cluster1::> volume show -fields junction-path -vserver vs0 -volume test_vol
vserver volume junction-path
------- -------- -------------
vs0 test_vol /test_vol_path
cluster1::> security anti-ransomware volume attack generate-report -volume test_vol -dest-path vs0:/test_vol_path
Report "report_file_vs0_test_vol_08-07-2025_04-27-18" available at path "vs0:/test_vol_path".
The following example shows sample output for generating report-file of volume copied to different volume's destination junction path.
cluster1::> volume show -fields junction-path -vserver vs1 -volume test_vs1_vol
vserver volume junction-path
------- ------------ -------------
vs1 test_vs1_vol /ontap_vol
cluster1::> security anti-ransomware volume attack generate-report -volume test_vol -vserver vs0 -dest-path vs1:/ontap_vol
Report "report_file_vs0_test_vol_08-07-2025_04-39-44" available at path "vs1:/ontap_vol".