Supported file operation and filter combinations that FPolicy can monitor for SMB
Suggest changes
PDFs
When you configure your FPolicy event, you need to be aware that only certain combinations of file operations and filters are supported for monitoring SMB file access operations.
The list of supported file operation and filter combinations for FPolicy monitoring of SMB file access events is provided in the following table:
Supported file operations |
Supported filters |
|---|---|
close |
monitor-ads, offline-bit, close-with-modification, close-without-modification, close-with-read, exclude-directory |
create |
monitor-ads, offline-bit |
create_dir |
Currently no filter is supported for this file operation. |
delete |
monitor-ads, offline-bit |
delete_dir |
Currently no filter is supported for this file operation. |
getattr |
offline-bit, exclude-dir |
open |
monitor-ads, offline-bit, open-with-delete-intent, open-with-write-intent, exclude-dir |
read |
monitor-ads, offline-bit, first-read |
write |
monitor-ads, offline-bit, first-write, write-with-size-change |
rename |
monitor-ads, offline-bit |
rename_dir |
Currently no filter is supported for this file operation. |
setattr |
monitor-ads, offline-bit, setattr_with_owner_change, setattr_with_group_change, setattr_with_mode_change, setattr_with_sacl_change, setattr_with_dacl_change, setattr_with_modify_time_change, setattr_with_access_time_change, setattr_with_creation_time_change, setattr_with_size_change, setattr_with_allocation_size_change, exclude_directory |
Beginning with ONTAP 9.13.1, users can receive notifications for failed file operations due to lack of permissions. The list of supported access denied file operation and filter combinations for FPolicy monitoring of SMB file access events is provided in the following table:
Supported access denied file operation |
Supported filters |
|---|---|
open |
NA |