ONTAP 9.12.1 commands

50←PDF
  • ONTAP 9.12.1 commands(CA08871-263en.pdf)
  • security anti-ransomware volume show

    Show anti-ransomware related information of volumes

    Availability: This command is available to cluster and Vserver administrators at the admin privilege level.

    Description

    The security anti-ransomware volume show command displays information related to Anti-ransomware on the volumes in the cluster. The following information is displayed:

    • Vserver Name: The Vserver on which the volume is located.

    • Volume Name: The volume name

    • State: The Anti-ransomware state of the volume. The possible values are disabled , enabled , dry-run , dry-run-paused , enable-paused and disable-in-progress .

    Parameters

    { [-fields <fieldname>,…​]

    If you specify the -fields <fieldname>, …​ parameter, the command output also includes the specified field or fields. You can use '-fields ?' to display the fields to specify.

    | [-attack ]

    If this parameter is specified, ransomware attack details are displayed.

    | [-instance ] }

    If you specify the -instance parameter, the command displays detailed information about all fields.

    [-vserver <vserver name>] - Vserver Name

    If this parameter and the -volume parameter are specified, the command displays detailed information related to Anti-ransomware about the specified volume. If this parameter is specified by itself, the command displays information related to the Anti-ransomware about all volumes on the specified Vservee.

    [-volume <volume name>] - Volume Name

    If this parameter and the -vserver parameter are specified, the command displays detailed information related to Anti-ransomware about the specified volume. If this parameter is specified by itself, the command displays information related to the Anti-ransomware about all volumes matching the specified name.

    [-state {disabled|enabled|dry-run|paused|dry-run-paused|enable-paused|disable-in-progress}] - State

    If this parameter is specified, the command displays information only about the volume or volumes that have the specified Anti-ransomware state. The possible values are disabled , enabled , dry-run , dry-run-paused , enable-paused and disable-in-progress . The possible states are:

    • disabled - Anti-ransomware is disabled on the volume.

    • enabled - Anti-ransomware is enabled on the volume.

    • dry-run - Anti-ransomware is enabled in the dry-run or evaluation mode on the volume.

    • dry-run-paused - Anti-ransomware is paused from dry-run or evaluation mode on the volume.

    • enable-paused - Anti-ransomware is paused on the volume.

    • disable-in-progress - Anti-ransomware disable work is in progress on the volume.

    [-dry-run-start-time <MM/DD/YYYY HH:MM:SS>] - Dry Run Start Time

    If this parameter is specified, the command displays the dry run start time of the volumes that have the state dry-run or dry-run-paused.

    [-attack-probability {none|low|moderate|high}] - Attack Probability

    If this parameter is specified, the command displays information only about the volumes that have the specified probability. The possible values are none ,low , moderate , and high .

    • none - No data is suspected for ransomware activity.

    • low - Small amount data is suspected for ransomware activity.

    • moderate - Moderate amount of data is suspected for ransomware activity.

    • high - Large amount data is suspected for ransomware activity.

    [-attack-timeline <MM/DD/YYYY HH:MM:SS>,…​] - Attack Timeline

    If this parameter is specified, the command displays information only about the volumes that have the specified attack-timeline.

    [-no-of-attacks <integer>] - Number of Attacks

    This provides the number of ransomware attacks observed.

    Examples

    The following example shows a sample output for this command:

    cluster1::> security anti-ransomware volume show
    
    Vserver    Volume       State
    ---------- ------------ -------
    vs1        vol1         enabled
    Top of Page