Create a Vscan configuration

POST /protocols/vscan

Introduced In: 9.6

Creates a Vscan configuration, which includes a list of scanner-pools, Vscan On-Access policies and Vscan On-Demand policies. Defines whether the Vscan configuration you create is enabled or disabled for a specified SVM.

Important notes:

  • You can enable only one Vscan configuration at a time for an SVM.

  • There needs to be at least one active scanner-pool and one enabled On-Access policy to enable Vscan successfully.

  • By default, a Vscan is enabled when it's created.

  • By default, the Vscan On-Access policies created from this endpoint are in the disabled state. You can use the On-Access policy PATCH endpoint to enable a particular On-Access policy. In ONTAP 9.6, only one Vscan On-Access policy can be enabled and only one Vscan On-Demand policy can be scheduled on an SVM.

Required properties

  • svm.uuid or svm.name - Existing SVM in which to create the Vscan configuration.

  • scanner_pools - There must be at least one active scanner-pool for the Vscan configuration. It is created either through the Vscan POST operation or the scanner-pools POST operation.

Default property values

If not specified in POST, the following default property value is assigned:

  • enabled - true

Related ONTAP commands

  • vserver vscan enable

  • vserver vscan scanner-pool create

  • vserver vscan scanner-pool apply-policy

  • vserver vscan scanner-pool servers add

  • vserver vscan scanner-pool privileged-users add

  • vserver vscan on-access-policy create

  • vserver vscan on-access-policy file-ext-to-exclude add

  • vserver vscan on-access-policy file-ext-to-include add

  • vserver vscan on-access-policy paths-to-exclude add

  • vserver vscan on-demand-task create

Parameters

| Name | Type | In | Required | Description |
| --- | --- | --- | --- | --- |
| return_records | boolean | query | False | The default is false. If set to true, the records are returned. |

  • Default value:

Request Body

| Name | Type | Description |
| --- | --- | --- |
| _links | _links | |
| cache_clear | boolean | Discards the cached information of the files that have been successfully scanned. Once the cache is cleared, files are scanned again when they are accessed. PATCH only |
| enabled | boolean | Specifies whether or not Vscan is enabled on the SVM. |
| on_access_policies | array[vscan_on_access] | |
| on_demand_policies | array[vscan_on_demand_policy] | |
| scanner_pools | array[scanner_pool] | |
| svm | svm | SVM, applies only to SVM-scoped objects. |

Example request
{
  "_links": {
    "self": {
      "href": "/api/resourcelink"
    }
  },
  "on_access_policies": [
    {
      "name": "on-access-test",
      "scope": {
        "exclude_extensions": [
          "mp*",
          "txt"
        ],
        "exclude_paths": [
          "\\dir1\\dir2\\name",
          "\\vol\\a b",
          "\\vol\\a,b\\"
        ],
        "include_extensions": [
          "mp*",
          "txt"
        ],
        "max_file_size": 2147483648
      }
    }
  ],
  "on_demand_policies": [
    {
      "log_path": "/vol0/report_dir",
      "name": "task-1",
      "scan_paths": [
        "/vol1/",
        "/vol2/cifs/"
      ],
      "schedule": {
        "_links": {
          "self": {
            "href": "/api/resourcelink"
          }
        },
        "name": "weekly",
        "uuid": "1cd8a442-86d1-11e0-ae1c-123478563412"
      },
      "scope": {
        "exclude_extensions": [
          "mp3",
          "mp4"
        ],
        "exclude_paths": [
          "/vol1/cold-files/",
          "/vol1/cifs/names"
        ],
        "include_extensions": [
          "vmdk",
          "mp*"
        ],
        "max_file_size": 10737418240
      }
    }
  ],
  "scanner_pools": [
    {
      "cluster": {
        "_links": {
          "self": {
            "href": "/api/resourcelink"
          }
        },
        "name": "cluster1",
        "uuid": "1cd8a442-86d1-11e0-ae1c-123478563412"
      },
      "name": "scanner-1",
      "privileged_users": [
        "cifs\\u1",
        "cifs\\u2"
      ],
      "role": "string",
      "servers": [
        "1.1.1.1",
        "10.72.204.27",
        "vmwin204-27.fsct.nb"
      ]
    }
  ],
  "svm": {
    "_links": {
      "self": {
        "href": "/api/resourcelink"
      }
    },
    "name": "svm1",
    "uuid": "02c9e252-41be-11e9-81d5-00a0986138f7"
  }
}
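
An added example, not part of the NetApp documentation: a client-side pre-flight check in Python that applies the constraints stated on this page (required properties, scanner pool name, role and privileged-user format) to a request body before it is sent. The function name lint_vscan_request and its finding strings are hypothetical; it also flags extensions listed in both include_extensions and exclude_extensions, and an explicit "mandatory": false.

```python
import re

# Constraints below come from the scanner_pool definition on this page.
POOL_NAME = re.compile(r"[A-Za-z0-9_.-]{1,256}")
PRIV_USER = re.compile(r"[^\\]+\\[^\\]+")  # "domain-name\user-name"
ROLES = {"primary", "secondary", "idle"}

def lint_vscan_request(body):
    """Return findings for a POST /protocols/vscan request body (a dict)."""
    findings = []
    svm = body.get("svm", {})
    if not (svm.get("uuid") or svm.get("name")):
        findings.append("svm.uuid or svm.name is required")
    pools = body.get("scanner_pools", [])
    if not pools:
        findings.append("scanner_pools is required")
    for pool in pools:
        name = pool.get("name", "")
        if not POOL_NAME.fullmatch(name):
            findings.append(f"pool {name!r}: invalid name")
        if pool.get("role") not in ROLES:
            findings.append(f"pool {name!r}: role must be one of {sorted(ROLES)}")
        for user in pool.get("privileged_users", []):
            if not PRIV_USER.fullmatch(user):
                findings.append(f"pool {name!r}: user {user!r} is not domain\\user")
    # enabled defaults to true, and an idle pool is always inactive.
    if body.get("enabled", True) and pools and all(p.get("role") == "idle" for p in pools):
        findings.append("enabled, but the request supplies only idle pools")
    for policy in body.get("on_access_policies", []):
        pname, scope = policy.get("name", ""), policy.get("scope", {})
        overlap = set(scope.get("include_extensions", [])) & set(scope.get("exclude_extensions", []))
        if overlap:
            findings.append(f"policy {pname!r}: {sorted(overlap)} both included and excluded")
        if policy.get("mandatory") is False:  # access is not denied when no scanner is up
            findings.append(f"policy {pname!r}: scanning is not mandatory")
    return findings

# Constructed input: the page's example request, reduced to the fields checked here.
SAMPLE = {
    "svm": {"name": "svm1"},
    "scanner_pools": [{"name": "scanner-1", "role": "string",
                       "privileged_users": ["cifs\\u1", "cifs\\u2"]}],
    "on_access_policies": [{"name": "on-access-test", "scope": {
        "include_extensions": ["mp*", "txt"], "exclude_extensions": ["mp*", "txt"]}}],
}

if __name__ == "__main__":
    for finding in lint_vscan_request(SAMPLE):
        print(finding)
```

Run against the page's own example request, it reports the placeholder role "string" and the mp* and txt entries that appear in both extension lists.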

Response

Status: 201, Created

| Name | Type | Description |
| --- | --- | --- |
| _links | _links | |
| num_records | integer | Number of records |
| records | array[vscan] | |

Example response
{
  "_links": {
    "next": {
      "href": "/api/resourcelink"
    },
    "self": {
      "href": "/api/resourcelink"
    }
  },
  "num_records": 1,
  "records": [
    {
      "_links": {
        "self": {
          "href": "/api/resourcelink"
        }
      },
      "on_access_policies": [
        {
          "name": "on-access-test",
          "scope": {
            "exclude_extensions": [
              "mp*",
              "txt"
            ],
            "exclude_paths": [
              "\\dir1\\dir2\\name",
              "\\vol\\a b",
              "\\vol\\a,b\\"
            ],
            "include_extensions": [
              "mp*",
              "txt"
            ],
            "max_file_size": 2147483648
          }
        }
      ],
      "on_demand_policies": [
        {
          "log_path": "/vol0/report_dir",
          "name": "task-1",
          "scan_paths": [
            "/vol1/",
            "/vol2/cifs/"
          ],
          "schedule": {
            "_links": {
              "self": {
                "href": "/api/resourcelink"
              }
            },
            "name": "weekly",
            "uuid": "1cd8a442-86d1-11e0-ae1c-123478563412"
          },
          "scope": {
            "exclude_extensions": [
              "mp3",
              "mp4"
            ],
            "exclude_paths": [
              "/vol1/cold-files/",
              "/vol1/cifs/names"
            ],
            "include_extensions": [
              "vmdk",
              "mp*"
            ],
            "max_file_size": 10737418240
          }
        }
      ],
      "scanner_pools": [
        {
          "cluster": {
            "_links": {
              "self": {
                "href": "/api/resourcelink"
              }
            },
            "name": "cluster1",
            "uuid": "1cd8a442-86d1-11e0-ae1c-123478563412"
          },
          "name": "scanner-1",
          "privileged_users": [
            "cifs\\u1",
            "cifs\\u2"
          ],
          "role": "string",
          "servers": [
            "1.1.1.1",
            "10.72.204.27",
            "vmwin204-27.fsct.nb"
          ]
        }
      ],
      "svm": {
        "_links": {
          "self": {
            "href": "/api/resourcelink"
          }
        },
        "name": "svm1",
        "uuid": "02c9e252-41be-11e9-81d5-00a0986138f7"
      }
    }
  ]
}

Headers

| Name | Description | Type |
| --- | --- | --- |
| Location | Useful for tracking the resource location | string |

Error

Status: Default

ONTAP Error Response Codes

| Error Code | Description |
| --- | --- |
| 10027259 | A scanner-pool, an On-Access policy, or an On-Demand policy might fail to get created due to either a systematic error or some hardware failure. The error code returned details the failure along with the reason for the failure. For example, if a scanner-pool fails due to an incorrect cluster name, then the error might read: "Failed to create scanner-pool "scanner-1". Reason: "Cluster uuid points to different cluster name instead of the cluster-name supplied.". Retry the operation." |
| 10027260 | If a scanner-pool, an On-Access policy or an On-Demand policy specified in the input already exists, then a duplicate error is returned. For example, if a scanner-pool "scanner-1" already exists for an SVM and is again specified in the input, the error message will read: "Failed to create scanner-pool "scanner-1" as the specified entry already exists. Delete the entry and retry the POST operation." |
| 2621462 | The specified SVM name is invalid |
| 2621706 | The specified svm.uuid is either invalid or belongs to a different SVM |
| 10027015 | Attempting to enable a Vscan but no active scanner-pool exists for the specified SVM |
| 10027011 | Attempting to enable a Vscan for an SVM for which no CIFS server exists |
| 10027023 | Attempting to enable a Vscan for an SVM for which no active Vscan On-Access policy exists |
| 10027086 | DNS resolution failed for one or more hostnames |
| 10027012 | Cannot enable Vscan on an administrative SVM. |

| Name | Type | Description |
| --- | --- | --- |
| error | returned_error | |

Example error
{
  "error": {
    "arguments": [
      {
        "code": "string",
        "message": "string"
      }
    ],
    "code": "4",
    "message": "entry doesn't exist",
    "target": "uuid"
  }
}

Definitions

href

| Name | Type | Description |
| --- | --- | --- |
| href | string | |

_links

| Name | Type | Description |
| --- | --- | --- |
| self | href | |

scope

| Name | Type | Description |
| --- | --- | --- |
| exclude_extensions | array[string] | List of file extensions for which scanning is not performed. |
| exclude_paths | array[string] | List of file paths for which scanning must not be performed. |
| include_extensions | array[string] | List of file extensions to be scanned. |
| max_file_size | integer | Maximum file size, in bytes, allowed for scanning. |
| only_execute_access | boolean | Scan only files opened with execute-access. |
| scan_readonly_volumes | boolean | Specifies whether or not read-only volume can be scanned. |
| scan_without_extension | boolean | Specifies whether or not files without any extension can be scanned. |

vscan_on_access

An On-Access policy that defines the scope of an On-Access scan. Use On-Access scanning to check for viruses when clients open, read, rename, or close files over CIFS. By default, ONTAP creates an On-Access policy named "default_CIFS" and enables it for all the SVMs in a cluster.

| Name | Type | Description |
| --- | --- | --- |
| enabled | boolean | Status of the On-Access Vscan policy |
| mandatory | boolean | Specifies if scanning is mandatory. File access is denied if there are no external virus-scanning servers available for virus scanning. |
| name | string | On-Access policy name |
| scope | scope | |

schedule

Schedule of the task.

| Name | Type | Description |
| --- | --- | --- |
| _links | _links | |
| name | string | Job schedule name |
| uuid | string | Job schedule UUID |

scope

| Name | Type | Description |
| --- | --- | --- |
| exclude_extensions | array[string] | List of file extensions for which scanning is not performed. |
| exclude_paths | array[string] | List of file paths for which scanning must not be performed. |
| include_extensions | array[string] | List of file extensions to be scanned. |
| max_file_size | integer | Maximum file size, in bytes, allowed for scanning. |
| scan_without_extension | boolean | Specifies whether or not files without any extension can be scanned. |

vscan_on_demand_policy

Use On-Demand scanning to check files for viruses on a schedule. An On-Demand policy defines the scope of an On-Demand scan.

| Name | Type | Description |
| --- | --- | --- |
| log_path | string | The path from the Vserver root where the task report is created. |
| name | string | On-Demand task name |
| scan_paths | array[string] | List of paths that need to be scanned. |
| schedule | schedule | Schedule of the task. |
| scope | scope | |

cluster_reference

| Name | Type | Description |
| --- | --- | --- |
| _links | _links | |
| name | string | |
| uuid | string | |

scanner_pool

A scanner pool is a set of attributes used to validate and manage connections between clustered ONTAP and an external virus-scanning server, or "Vscan server".

| Name | Type | Description |
| --- | --- | --- |
| cluster | cluster_reference | |
| name | string | Specifies the name of the scanner pool. The scanner pool name can be up to 256 characters long and can contain only ASCII-range alphanumeric characters (a-z, A-Z, 0-9), "_", "-" and ".", in any combination. |
| privileged_users | array[string] | Specifies a list of privileged users. A valid form of privileged user-name is "domain-name\user-name". Privileged user-names are stored and treated as case-insensitive strings. Virus scanners must use one of the registered privileged users for connecting to clustered Data ONTAP for exchanging virus-scanning protocol messages and to access files for scanning, remedying and quarantining operations. Example: ["cifs\u1", "cifs\u2"]. Introduced in: 9.10. |
| role | string | Specifies the role of the scanner pool. The possible values are: primary (always active), secondary (active only when none of the primary external virus-scanning servers are connected), idle (always inactive). |
| servers | array[string] | Specifies a list of IP addresses or FQDNs of the Vscan server hosts that are allowed to connect to clustered ONTAP. Example: ["1.1.1.1", "10.72.204.27", "vmwin204-27.fsct.nb"]. Introduced in: 9.10. |

svm

SVM, applies only to SVM-scoped objects.

| Name | Type | Description |
| --- | --- | --- |
| _links | _links | |
| name | string | The name of the SVM. This field cannot be specified in a PATCH method. |
| uuid | string | The unique identifier of the SVM. This field cannot be specified in a PATCH method. |

vscan

Vscan can be used to protect data from being compromised by viruses or other malicious code. This combines best-in-class third-party antivirus software with ONTAP features that give you the flexibility you need to control which files get scanned and when. Storage systems offload scanning operations to external servers hosting antivirus software from third-party vendors. An Antivirus Connector on the external server handles communications between the storage system and the antivirus software.

| Name | Type | Description |
| --- | --- | --- |
| _links | _links | |
| cache_clear | boolean | Discards the cached information of the files that have been successfully scanned. Once the cache is cleared, files are scanned again when they are accessed. PATCH only |
| enabled | boolean | Specifies whether or not Vscan is enabled on the SVM. |
| on_access_policies | array[vscan_on_access] | |
| on_demand_policies | array[vscan_on_demand_policy] | |
| scanner_pools | array[scanner_pool] | |
| svm | svm | SVM, applies only to SVM-scoped objects. |

_links

| Name | Type | Description |
| --- | --- | --- |
| next | href | |
| self | href | |

error_arguments

| Name | Type | Description |
| --- | --- | --- |
| code | string | Argument code |
| message | string | Message argument |

returned_error

| Name | Type | Description |
| --- | --- | --- |
| arguments | array[error_arguments] | Message arguments |
| code | string | Error code |
| message | string | Error message |
| target | string | The target parameter that caused the error. |