REST API reference
Retrieve information about security trace filter entries
Suggest changes
-
PDF of this doc site
Collection of separate PDF docs
Creating your file...
GET /protocols/file-access-tracing/filters
Introduced In: 9.8
Retrieves information about security trace filter entries.
Related ONTAP commands
-
vserver security trace filter show
Parameters
| Name | Type | In | Required | Description |
|---|---|---|---|---|
svm.uuid |
string |
query |
False |
Filter by svm.uuid |
svm.name |
string |
query |
False |
Filter by svm.name |
protocol |
string |
query |
False |
Filter by protocol |
index |
integer |
query |
False |
Filter by index |
windows_user |
string |
query |
False |
Filter by windows_user |
enabled |
boolean |
query |
False |
Filter by enabled |
client_ip |
string |
query |
False |
Filter by client_ip |
trace_allowed_ops |
boolean |
query |
False |
Filter by trace_allowed_ops |
unix_user |
string |
query |
False |
Filter by unix_user |
path |
string |
query |
False |
Filter by path |
fields |
array[string] |
query |
False |
Specify the fields to return. |
max_records |
integer |
query |
False |
Limit the number of records returned. |
return_records |
boolean |
query |
False |
The default is true for GET calls. When set to false, only the number of records is returned.
|
return_timeout |
integer |
query |
False |
The number of seconds to allow the call to execute before returning. When iterating over a collection, the default is 15 seconds. ONTAP returns earlier if either max records or the end of the collection is reached.
|
order_by |
array[string] |
query |
False |
Order results by specified fields and optional [asc |
Response
Status: 200, Ok| Name | Type | Description |
|---|---|---|
_links |
||
num_records |
integer |
Number of records |
records |
array[file_access_filter] |
Example response
{
"_links": {
"next": {
"href": "/api/resourcelink"
},
"self": {
"href": "/api/resourcelink"
}
},
"records": [
{
"client_ip": "10.140.68.143",
"index": 1,
"path": "/dir1/dir2",
"protocol": "string",
"svm": {
"_links": {
"self": {
"href": "/api/resourcelink"
}
},
"name": "svm1",
"uuid": "02c9e252-41be-11e9-81d5-00a0986138f7"
},
"unix_user": "root",
"windows_user": "cifs1/administrator"
}
]
}Error
Status: Default, Error| Name | Type | Description |
|---|---|---|
error |
Example error
{
"error": {
"arguments": [
{
"code": "string",
"message": "string"
}
],
"code": "4",
"message": "entry doesn't exist",
"target": "uuid"
}
}Definitions
See Definitions
href
| Name | Type | Description |
|---|---|---|
href |
string |
collection_links
| Name | Type | Description |
|---|---|---|
next |
||
self |
_links
| Name | Type | Description |
|---|---|---|
self |
svm_reference
SVM, applies only to SVM-scoped objects.
| Name | Type | Description |
|---|---|---|
_links |
||
name |
string |
The name of the SVM. |
uuid |
string |
The unique identifier of the SVM. |
file_access_filter
ONTAP allows creation of filters for file access tracing for both CIFS and NFS. These filters have protocols, path, username and client IP based on which file access operations are logged.
| Name | Type | Description |
|---|---|---|
client_ip |
string |
Specifies the IP address from which the client accesses the file or directory. |
enabled |
boolean |
Specifies whether to enable or disable the filter. Filters are enabled by default and are deleted after 60 mins. |
index |
integer |
Position of the file access tracing filter. |
path |
string |
Specifies the path for which permission tracing can be applied. The value can be complete path from root of CIFS share or root of volume for NFS. |
protocol |
string |
Specifies the protocol for which permission trace is required. |
svm |
SVM, applies only to SVM-scoped objects. |
|
trace_allowed_ops |
boolean |
Specifies if the filter can trace file access denied and allowed events. The value of trace-allow is false by default, and it traces access denied events. The value is set to true for tracing access allowed events. |
unix_user |
string |
Specifies the UNIX username whose access requests you want to trace. The filter would match only if the request is received with this user. |
windows_user |
string |
Specifies the Windows username whose access requests you want to trace. The filter would match only if the request is received with this user. |
error_arguments
| Name | Type | Description |
|---|---|---|
code |
string |
Argument code |
message |
string |
Message argument |
error
| Name | Type | Description |
|---|---|---|
arguments |
array[error_arguments] |
Message arguments |
code |
string |
Error code |
message |
string |
Error message |
target |
string |
The target parameter that caused the error. |