Create an FPolicy event configuration for an SVM
POST /protocols/fpolicy/{svm.uuid}/events
Introduced In: 9.6
Creates an FPolicy event configuration for a specified SVM. FPolicy event creation is allowed only on data SVMs. When a protocol is specified, you must specify a file operation or a file operation and filters.
Required properties
-
svm.uuid
- Existing SVM in which to create the FPolicy event. -
name
- Name of the FPolicy event.
Recommended optional properties
-
file-operations
- List of file operations to monitor. -
protocol
- Protocol for which the file operations should be monitored. -
filters
- List of filters for the specified file operations.
Default property values
If not specified in POST, the following default property values are assigned:
-
file_operations.*
- false -
filters.*
- false -
volume-monitoring
- false
Related ONTAP commands
-
fpolicy policy event create
Learn more
Parameters
Name | Type | In | Required | Description |
---|---|---|---|---|
return_records |
boolean |
query |
False |
The default is false. If set to true, the records are returned.
|
svm.uuid |
string |
path |
True |
UUID of the SVM to which this object belongs. |
Request Body
Name | Type | Description |
---|---|---|
file_operations |
Specifies the file operations for the FPolicy event. You must specify a valid protocol in the protocol parameter. The event will check the operations specified from all client requests using the protocol. |
|
filters |
Specifies the list of filters for a given file operation for the specified protocol. When you specify the filters, you must specify the valid protocols and a valid file operations. |
|
name |
string |
Specifies the name of the FPolicy event. |
protocol |
string |
Protocol for which event is created. If you specify protocol, then you must also specify a valid value for the file operation parameters. The value of this parameter must be one of the following:
|
svm |
||
volume_monitoring |
boolean |
Specifies whether volume operation monitoring is required. |
Example request
{
"name": "event_nfs_close",
"protocol": "string",
"svm": {
"uuid": "string"
}
}
Response
Status: 201, Created
Name | Type | Description |
---|---|---|
_links |
||
num_records |
integer |
Number of records |
records |
array[fpolicy_event] |
Example response
{
"_links": {
"next": {
"href": "/api/resourcelink"
},
"self": {
"href": "/api/resourcelink"
}
},
"num_records": 1,
"records": [
{
"name": "event_nfs_close",
"protocol": "string",
"svm": {
"uuid": "string"
}
}
]
}
Headers
Name | Description | Type |
---|---|---|
Location |
Useful for tracking the resource location |
string |
Error
Status: Default
Error Code | Description |
---|---|
9764929 |
The file operation is not supported by the protocol |
9764955 |
The filter is not supported by the protocol |
9764930 |
The filter is not supported by any of the file operations |
9764946 |
The protocol is specifed without a file operation or a file operation and filter pair |
Name | Type | Description |
---|---|---|
error |
Example error
{
"error": {
"arguments": [
{
"code": "string",
"message": "string"
}
],
"code": "4",
"message": "entry doesn't exist",
"target": "uuid"
}
}
Definitions
See Definitions
file_operations
Specifies the file operations for the FPolicy event. You must specify a valid protocol in the protocol parameter. The event will check the operations specified from all client requests using the protocol.
Name | Type | Description |
---|---|---|
close |
boolean |
File close operations |
create |
boolean |
File create operations |
create_dir |
boolean |
Directory create operations |
delete |
boolean |
File delete operations |
delete_dir |
boolean |
Directory delete operations |
getattr |
boolean |
Get attribute operations |
link |
boolean |
Link operations |
lookup |
boolean |
Lookup operations |
open |
boolean |
File open operations |
read |
boolean |
File read operations |
rename |
boolean |
File rename operations |
rename_dir |
boolean |
Directory rename operations |
setattr |
boolean |
Set attribute operations |
symlink |
boolean |
Symbolic link operations |
write |
boolean |
File write operations |
filters
Specifies the list of filters for a given file operation for the specified protocol. When you specify the filters, you must specify the valid protocols and a valid file operations.
Name | Type | Description |
---|---|---|
close_with_modification |
boolean |
Filter the client request for close with modification. |
close_with_read |
boolean |
Filter the client request for close with read. |
close_without_modification |
boolean |
Filter the client request for close without modification. |
exclude_directory |
boolean |
Filter the client requests for directory operations. When this filter is specified directory operations are not monitored. |
first_read |
boolean |
Filter the client requests for the first-read. |
first_write |
boolean |
Filter the client requests for the first-write. |
monitor_ads |
boolean |
Filter the client request for alternate data stream. |
offline_bit |
boolean |
Filter the client request for offline bit set. FPolicy server receives notification only when offline files are accessed. |
open_with_delete_intent |
boolean |
Filter the client request for open with delete intent. |
open_with_write_intent |
boolean |
Filter the client request for open with write intent. |
setattr_with_access_time_change |
boolean |
Filter the client setattr requests for changing the access time of a file or directory. |
setattr_with_allocation_size_change |
boolean |
Filter the client setattr requests for changing the allocation size of a file. |
setattr_with_creation_time_change |
boolean |
Filter the client setattr requests for changing the creation time of a file or directory. |
setattr_with_dacl_change |
boolean |
Filter the client setattr requests for changing dacl on a file or directory. |
setattr_with_group_change |
boolean |
Filter the client setattr requests for changing group of a file or directory. |
setattr_with_mode_change |
boolean |
Filter the client setattr requests for changing the mode bits on a file or directory. |
setattr_with_modify_time_change |
boolean |
Filter the client setattr requests for changing the modification time of a file or directory. |
setattr_with_owner_change |
boolean |
Filter the client setattr requests for changing owner of a file or directory. |
setattr_with_sacl_change |
boolean |
Filter the client setattr requests for changing sacl on a file or directory. |
setattr_with_size_change |
boolean |
Filter the client setattr requests for changing the size of a file. |
write_with_size_change |
boolean |
Filter the client request for write with size change. |
svm
Name | Type | Description |
---|---|---|
uuid |
string |
SVM UUID |
fpolicy_event
The information that a FPolicy process needs to determine what file access operations to monitor and for which of the monitored events notifications should be sent to the external FPolicy server.
Name | Type | Description |
---|---|---|
file_operations |
Specifies the file operations for the FPolicy event. You must specify a valid protocol in the protocol parameter. The event will check the operations specified from all client requests using the protocol. |
|
filters |
Specifies the list of filters for a given file operation for the specified protocol. When you specify the filters, you must specify the valid protocols and a valid file operations. |
|
name |
string |
Specifies the name of the FPolicy event. |
protocol |
string |
Protocol for which event is created. If you specify protocol, then you must also specify a valid value for the file operation parameters. The value of this parameter must be one of the following:
|
svm |
||
volume_monitoring |
boolean |
Specifies whether volume operation monitoring is required. |
href
Name | Type | Description |
---|---|---|
href |
string |
_links
Name | Type | Description |
---|---|---|
next |
||
self |
error_arguments
Name | Type | Description |
---|---|---|
code |
string |
Argument code |
message |
string |
Message argument |
error
Name | Type | Description |
---|---|---|
arguments |
array[error_arguments] |
Message arguments |
code |
string |
Error code |
message |
string |
Error message |
target |
string |
The target parameter that caused the error. |