Skip to main content

Supported file operation and filter combinations that FPolicy can monitor for SMB

Contributors netapp-mdavidson netapp-aherbin netapp-thomi

When you configure your FPolicy event, you need to be aware that only certain combinations of file operations and filters are supported for monitoring SMB file access operations.

The list of supported file operation and filter combinations for FPolicy monitoring of SMB file access events is provided in the following table:

Supported file operations

Supported filters

close

monitor-ads, offline-bit, close-with-modification, close-without-modification, close-with-read, exclude-directory

create

monitor-ads, offline-bit

create_dir

Currently no filter is supported for this file operation.

delete

monitor-ads, offline-bit

delete_dir

Currently no filter is supported for this file operation.

getattr

offline-bit, exclude-dir

open

monitor-ads, offline-bit, open-with-delete-intent, open-with-write-intent, exclude-dir

read

monitor-ads, offline-bit, first-read

write

monitor-ads, offline-bit, first-write, write-with-size-change

rename

monitor-ads, offline-bit

rename_dir

Currently no filter is supported for this file operation.

setattr

monitor-ads, offline-bit, setattr_with_owner_change, setattr_with_group_change, setattr_with_mode_change, setattr_with_sacl_change, setattr_with_dacl_change, setattr_with_modify_time_change, setattr_with_access_time_change, setattr_with_creation_time_change, setattr_with_size_change, setattr_with_allocation_size_change, exclude_directory

Beginning with ONTAP 9.13.1, users can receive notifications for failed file operations due to lack of permissions. The list of supported access denied file operation and filter combinations for FPolicy monitoring of SMB file access events is provided in the following table:

Supported access denied file operation

Supported filters

open

NA