Retrieve the Vscan configuration for an SVM
GET /protocols/vscan/{svm.uuid}
Introduced In: 9.6
Retrieves the Vscan configuration for a specified SVM. This includes scanner-pools, On-Access policies, On-Demand policies, and information about whether a Vscan is enabled or disabled on an SVM.
Important note:
-
You can enable only one Vscan configuration at a time for an SVM.
Related ONTAP commands
-
vserver vscan show
-
vserver vscan scanner-pool show
-
vserver vscan scanner-pool servers show
-
vserver vscan scanner-pool privileged-users show
-
vserver vscan on-access-policy show
-
vserver vscan on-access-policy file-ext-to-exclude show
-
vserver vscan on-access-policy file-ext-to-include show
-
vserver vscan on-access-policy paths-to-exclude show
-
vserver vscan on-demand-task show
Parameters
Name | Type | In | Required | Description |
---|---|---|---|---|
svm.uuid |
string |
path |
True |
UUID of the SVM to which this object belongs. |
fields |
array[string] |
query |
False |
Specify the fields to return. |
Response
Status: 200, Ok
Name | Type | Description |
---|---|---|
_links |
||
cache_clear |
boolean |
Discards the cached information of the files that have been successfully scanned. Once the cache is cleared, files are scanned again when they are accessed. PATCH only |
enabled |
boolean |
Specifies whether or not Vscan is enabled on the SVM. |
on_access_policies |
array[vscan_on_access] |
|
on_demand_policies |
array[vscan_on_demand_policy] |
|
scanner_pools |
array[scanner_pool] |
|
svm |
Example response
{
"_links": {
"self": {
"href": "/api/resourcelink"
}
},
"on_access_policies": [
{
"name": "on-access-test",
"scope": {
"exclude_extensions": [
"mp*",
"txt"
],
"exclude_paths": [
"\\dir1\\dir2\\name",
"\\vol\\a b",
"\\vol\\a,b\\"
],
"include_extensions": [
"mp*",
"txt"
],
"max_file_size": 2147483648
}
}
],
"on_demand_policies": [
{
"log_path": "/vol0/report_dir",
"name": "task-1",
"scan_paths": [
"/vol1/",
"/vol2/cifs/"
],
"schedule": {
"_links": {
"self": {
"href": "/api/resourcelink"
}
},
"name": "weekly",
"uuid": "1cd8a442-86d1-11e0-ae1c-123478563412"
},
"scope": {
"exclude_extensions": [
"mp3",
"mp4"
],
"exclude_paths": [
"/vol1/cold-files/",
"/vol1/cifs/names"
],
"include_extensions": [
"vmdk",
"mp*"
],
"max_file_size": 10737418240
}
}
],
"scanner_pools": [
{
"cluster": {
"_links": {
"self": {
"href": "/api/resourcelink"
}
},
"name": "cluster1",
"uuid": "1cd8a442-86d1-11e0-ae1c-123478563412"
},
"name": "scanner-1",
"privileged_users": [
"cifs\\u1",
"cifs\\u2"
],
"role": "string",
"servers": [
"1.1.1.1",
"10.72.204.27",
"vmwin204-27.fsct.nb"
]
}
],
"svm": {
"_links": {
"self": {
"href": "/api/resourcelink"
}
},
"name": "svm1",
"uuid": "02c9e252-41be-11e9-81d5-00a0986138f7"
}
}
Error
Status: Default, Error
Name | Type | Description |
---|---|---|
error |
Example error
{
"error": {
"arguments": [
{
"code": "string",
"message": "string"
}
],
"code": "4",
"message": "entry doesn't exist",
"target": "uuid"
}
}
Definitions
See Definitions
href
Name | Type | Description |
---|---|---|
href |
string |
_links
Name | Type | Description |
---|---|---|
self |
scope
Name | Type | Description |
---|---|---|
exclude_extensions |
array[string] |
List of file extensions for which scanning is not performed. |
exclude_paths |
array[string] |
List of file paths for which scanning must not be performed. |
include_extensions |
array[string] |
List of file extensions to be scanned. |
max_file_size |
integer |
Maximum file size, in bytes, allowed for scanning. |
only_execute_access |
boolean |
Scan only files opened with execute-access. |
scan_readonly_volumes |
boolean |
Specifies whether or not read-only volume can be scanned. |
scan_without_extension |
boolean |
Specifies whether or not files without any extension can be scanned. |
vscan_on_access
An On-Access policy that defines the scope of an On-Access scan. Use On-Access scanning to check for viruses when clients open, read, rename, or close files over CIFS. By default, ONTAP creates an On-Access policy named "default_CIFS" and enables it for all the SVMs in a cluster.
Name | Type | Description |
---|---|---|
enabled |
boolean |
Status of the On-Access Vscan policy |
mandatory |
boolean |
Specifies if scanning is mandatory. File access is denied if there are no external virus-scanning servers available for virus scanning. |
name |
string |
On-Access policy name |
scope |
schedule
Schedule of the task.
Name | Type | Description |
---|---|---|
_links |
||
name |
string |
Job schedule name |
uuid |
string |
Job schedule UUID |
scope
Name | Type | Description |
---|---|---|
exclude_extensions |
array[string] |
List of file extensions for which scanning is not performed. |
exclude_paths |
array[string] |
List of file paths for which scanning must not be performed. |
include_extensions |
array[string] |
List of file extensions to be scanned. |
max_file_size |
integer |
Maximum file size, in bytes, allowed for scanning. |
scan_without_extension |
boolean |
Specifies whether or not files without any extension can be scanned. |
vscan_on_demand_policy
Use On-Demand scanning to check files for viruses on a schedule. An On-Demand policy defines the scope of an On-Demand scan.
Name | Type | Description |
---|---|---|
log_path |
string |
The path from the Vserver root where the task report is created. |
name |
string |
On-Demand task name |
scan_paths |
array[string] |
List of paths that need to be scanned. |
schedule |
Schedule of the task. |
|
scope |
cluster_reference
Name | Type | Description |
---|---|---|
_links |
||
name |
string |
|
uuid |
string |
scanner_pool
Scanner pool is a set of attributes which are used to validate and manage connections between clustered ONTAP and external virus-scanning server, or "Vscan server".
Name | Type | Description |
---|---|---|
cluster |
||
name |
string |
Specifies the name of the scanner pool. Scanner pool name can be up to 256 characters long and is a string that can only contain any combination of ASCII-range alphanumeric characters a-z, A-Z, 0-9), "_", "-" and ".". |
privileged_users |
array[string] |
Specifies a list of privileged users. A valid form of privileged user-name is "domain-name\user-name". Privileged user-names are stored and treated as case-insensitive strings. Virus scanners must use one of the registered privileged users for connecting to clustered Data ONTAP for exchanging virus-scanning protocol messages and to access file for scanning, remedying and quarantining operations.
|
role |
string |
Specifies the role of the scanner pool. The possible values are:
|
servers |
array[string] |
Specifies a list of IP addresses or FQDN for each Vscan server host names which are allowed to connect to clustered ONTAP.
|
svm
Name | Type | Description |
---|---|---|
_links |
||
name |
string |
The name of the SVM. |
uuid |
string |
The unique identifier of the SVM. |
error_arguments
Name | Type | Description |
---|---|---|
code |
string |
Argument code |
message |
string |
Message argument |
error
Name | Type | Description |
---|---|---|
arguments |
array[error_arguments] |
Message arguments |
code |
string |
Error code |
message |
string |
Error message |
target |
string |
The target parameter that caused the error. |