NFS file and directory access events that can be audited
Contributors
Suggest changes
-
PDF of this doc site
- Cluster administration
-
Volume administration
- Logical storage management with the CLI
-
NAS storage management
- Configure NFS with the CLI
- Manage NFS with the CLI
-
Manage SMB with the CLI
- Manage file access using SMB
- SAN storage management
- Security and data encryption
-
Data protection and disaster recovery
- Data protection with the CLI
Collection of separate PDF docs
Creating your file...
This may take a few minutes. Thanks for your patience.
Your file is ready
ONTAP can audit certain NFS file and directory access events. Knowing what access events can be audited is helpful when interpreting results from the converted audit event logs.
You can audit the following NFS file and directory access events:
-
READ
-
OPEN
-
CLOSE
-
READDIR
-
WRITE
-
SETATTR
-
CREATE
-
LINK
-
OPENATTR
-
REMOVE
-
GETATTR
-
VERIFY
-
NVERIFY
-
RENAME
To reliably audit NFS RENAME events, you should set audit ACEs on directories instead of files because file permissions are not checked for a RENAME operation if the directory permissions are sufficient.