Release notes
The requested article is not available. Either it doesn't apply to this version of the product or the relevant information is organized differently in this version of the docs. You can search, browse, or go back to the other version.
NFS file and directory access events that can be audited
Contributors
Suggest changes
-
PDF of this doc site
-
Cluster administration
-
Volume administration
-
Logical storage management with the CLI
-
-
NAS storage management
-
Configure NFS with the CLI
-
Manage NFS with the CLI
-
Manage SMB with the CLI
-
Manage file access using SMB
-
-
-
Security and data encryption
-
Data protection and disaster recovery
-
Collection of separate PDF docs
Creating your file...
This may take a few minutes. Thanks for your patience.
Your file is ready
ONTAP can audit certain NFS file and directory access events. Knowing what access events can be audited is helpful when interpreting results from the converted audit event logs.
You can audit the following NFS file and directory access events:
-
READ
-
OPEN
-
CLOSE
-
READDIR
-
WRITE
-
SETATTR
-
CREATE
-
LINK
-
OPENATTR
-
REMOVE
-
GETATTR
-
VERIFY
-
NVERIFY
-
RENAME
To reliably audit NFS RENAME events, you should set audit ACEs on directories instead of files because file permissions are not checked for a RENAME operation if the directory permissions are sufficient.
