security anti-ransomware volume show
Show anti-ransomware related information of volumes
Availability: This command is available to cluster and Vserver administrators at the admin privilege level.
Description
The security anti-ransomware volume show
command displays information related to Anti-ransomware on the volumes in the cluster. The following information is displayed:
-
Vserver Name: The Vserver on which the volume is located.
-
Volume Name: The volume name
-
State: The Anti-ransomware state of the volume. The possible values are
disabled
,enabled
,dry-run
,dry-run-paused
,enable-paused
anddisable-in-progress
.
Parameters
- {
[-fields <fieldname>,…]
-
If you specify the
-fields <fieldname>, …
parameter, the command output also includes the specified field or fields. You can use '-fields ?' to display the fields to specify. - |
[-attack ]
-
If this parameter is specified, ransomware attack details are displayed.
- |
[-instance ]
} -
If you specify the
-instance
parameter, the command displays detailed information about all fields. [-vserver <vserver name>]
- Vserver Name-
If this parameter and the
-volume
parameter are specified, the command displays detailed information related to Anti-ransomware about the specified volume. If this parameter is specified by itself, the command displays information related to the Anti-ransomware about all volumes on the specified Vserver. [-volume <volume name>]
- Volume Name-
If this parameter and the
-vserver
parameter are specified, the command displays detailed information related to Anti-ransomware about the specified volume. If this parameter is specified by itself, the command displays information related to the Anti-ransomware about all volumes matching the specified name. [-state {disabled|enabled|dry-run|paused|dry-run-paused|enable-paused|disable-in-progress}]
- State-
If this parameter is specified, the command displays information only about the volume or volumes that have the specified Anti-ransomware state. The possible values are
disabled
,enabled
,dry-run
,dry-run-paused
,enable-paused
anddisable-in-progress
. The possible states are:-
disabled - Anti-ransomware is disabled on the volume.
-
enabled - Anti-ransomware is enabled on the volume.
-
dry-run - Anti-ransomware is enabled in the dry-run or evaluation mode on the volume.
-
dry-run-paused - Anti-ransomware is paused from dry-run or evaluation mode on the volume.
-
enable-paused - Anti-ransomware is paused on the volume.
-
disable-in-progress - Anti-ransomware disable work is in progress on the volume.
-
[-dry-run-start-time <MM/DD/YYYY HH:MM:SS>]
- Dry Run Start Time-
If this parameter is specified, the command displays the dry run start time of the volumes that have the state dry-run or dry-run-paused.
[-attack-probability {none|low|moderate|high}]
- Attack Probability-
If this parameter is specified, the command displays information only about the volumes that have the specified probability. The possible values are
none
,low
,moderate
, andhigh
.-
none - No data is suspected for ransomware activity.
-
low - Small amount data is suspected for ransomware activity.
-
moderate - Moderate amount of data is suspected for ransomware activity.
-
high - Large amount data is suspected for ransomware activity.
-
[-attack-timeline <MM/DD/YYYY HH:MM:SS>,…]
- Attack Timeline-
If this parameter is specified, the command displays information only about the volumes that have the specified attack-timeline.
[-no-of-attacks <integer>]
- Number of Attacks-
This provides the number of ransomware attacks observed.
Examples
The following example shows a sample output for this command:
cluster1::> security anti-ransomware volume show Vserver Volume State ---------- ------------ ------- vs1 vol1 enabled