REST API reference
Creates security trace filter entries
Suggest changes
-
PDF of this doc site
Collection of separate PDF docs
Creating your file...
POST /protocols/file-access-tracing/filters
Introduced In: 9.8
Creates security trace filter entries.
Related ONTAP commands
-
vserver security trace filter create
Parameters
| Name | Type | In | Required | Description |
|---|---|---|---|---|
return_records |
boolean |
query |
False |
The default is false. If set to true, the records are returned.
|
Request Body
| Name | Type | Description |
|---|---|---|
client_ip |
string |
Specifies the IP address from which the client accesses the file or directory. |
enabled |
boolean |
Specifies whether to enable or disable the filter. Filters are enabled by default and are deleted after 60 mins. |
index |
integer |
Position of the file access tracing filter. |
path |
string |
Specifies the path for which permission tracing can be applied. The value can be complete path from root of CIFS share or root of volume for NFS. |
protocol |
string |
Specifies the protocol for which permission trace is required. |
svm |
SVM, applies only to SVM-scoped objects. |
|
trace_allowed_ops |
boolean |
Specifies if the filter can trace file access denied and allowed events. The value of trace-allow is false by default, and it traces access denied events. The value is set to true for tracing access allowed events. |
unix_user |
string |
Specifies the UNIX username whose access requests you want to trace. The filter would match only if the request is received with this user. |
windows_user |
string |
Specifies the Windows username whose access requests you want to trace. The filter would match only if the request is received with this user. |
Example request
{
"client_ip": "10.140.68.143",
"index": 1,
"path": "/dir1/dir2",
"protocol": "string",
"svm": {
"_links": {
"self": {
"href": "/api/resourcelink"
}
},
"name": "svm1",
"uuid": "02c9e252-41be-11e9-81d5-00a0986138f7"
},
"unix_user": "root",
"windows_user": "cifs1/administrator"
}Response
Status: 201, Created| Name | Type | Description |
|---|---|---|
_links |
||
num_records |
integer |
Number of records |
records |
array[file_access_filter] |
Example response
{
"_links": {
"next": {
"href": "/api/resourcelink"
},
"self": {
"href": "/api/resourcelink"
}
},
"records": [
{
"client_ip": "10.140.68.143",
"index": 1,
"path": "/dir1/dir2",
"protocol": "string",
"svm": {
"_links": {
"self": {
"href": "/api/resourcelink"
}
},
"name": "svm1",
"uuid": "02c9e252-41be-11e9-81d5-00a0986138f7"
},
"unix_user": "root",
"windows_user": "cifs1/administrator"
}
]
}Error
Status: Default, Error| Name | Type | Description |
|---|---|---|
error |
Example error
{
"error": {
"arguments": [
{
"code": "string",
"message": "string"
}
],
"code": "4",
"message": "entry doesn't exist",
"target": "uuid"
}
}Definitions
See Definitions
href
| Name | Type | Description |
|---|---|---|
href |
string |
_links
| Name | Type | Description |
|---|---|---|
self |
svm_reference
SVM, applies only to SVM-scoped objects.
| Name | Type | Description |
|---|---|---|
_links |
||
name |
string |
The name of the SVM. |
uuid |
string |
The unique identifier of the SVM. |
file_access_filter
ONTAP allows creation of filters for file access tracing for both CIFS and NFS. These filters have protocols, path, username and client IP based on which file access operations are logged.
| Name | Type | Description |
|---|---|---|
client_ip |
string |
Specifies the IP address from which the client accesses the file or directory. |
enabled |
boolean |
Specifies whether to enable or disable the filter. Filters are enabled by default and are deleted after 60 mins. |
index |
integer |
Position of the file access tracing filter. |
path |
string |
Specifies the path for which permission tracing can be applied. The value can be complete path from root of CIFS share or root of volume for NFS. |
protocol |
string |
Specifies the protocol for which permission trace is required. |
svm |
SVM, applies only to SVM-scoped objects. |
|
trace_allowed_ops |
boolean |
Specifies if the filter can trace file access denied and allowed events. The value of trace-allow is false by default, and it traces access denied events. The value is set to true for tracing access allowed events. |
unix_user |
string |
Specifies the UNIX username whose access requests you want to trace. The filter would match only if the request is received with this user. |
windows_user |
string |
Specifies the Windows username whose access requests you want to trace. The filter would match only if the request is received with this user. |
collection_links
| Name | Type | Description |
|---|---|---|
next |
||
self |
error_arguments
| Name | Type | Description |
|---|---|---|
code |
string |
Argument code |
message |
string |
Message argument |
error
| Name | Type | Description |
|---|---|---|
arguments |
array[error_arguments] |
Message arguments |
code |
string |
Error code |
message |
string |
Error message |
target |
string |
The target parameter that caused the error. |