The vserver fpolicy policy event create command creates an FPolicy event. An event describes what to monitor. An event can contain protocol, file operations, filters, and volume operation event types. In the FPolicy configuration, an event is attached to an FPolicy policy. You can attach the same event to one or more policies.

Three parameters have dependency rules: -protocol , -files-operations and -filters . The following combinations are supported:

Both -protocol and -file-operations
All of -protocol , -file-operations and -filters
Specify none of three

Parameters

-vserver <Vserver Name> - Vserver

This parameter specifies the name of the Vserver on which you want to create an FPolicy event.

-event-name <Event name> - Event

This parameter specifies the name of the FPolicy event that you want to create. An event name can be up to 256 characters long. An event name value is a string that can only contain any combination of ASCII-range alphanumeric characters (a-z, A-Z, 0-9), "_" and ".".

[-protocol <Protocol>] - Protocol

This parameter specifies the protocol name for which the event will be created. By default, no protocol is selected. The value of this parameter must be one of the following:

_ cifs _ - This specifies that the event is for the CIFS protocol.
_ nfsv3_ - This specifies that the event is for the NFSv3 protocol.
_ nfsv4_ - This specifies that the event is for the NFSv4 protocol.

If you specify -protocol , then you must also specify a valid value for the -file-operations parameter.

[-file-operations <File Operation>,…] - File Operations

This parameter specifies a list of file operations for the FPolicy event. The event will check the operations specified in this list from all client requests using the protocol specified in the -protocol parameter. The list can include one or more of the following operations:

_close _ - File close operations.
_create _ - File create operations.
_create_dir _ - Directory create operations.
_delete _ - File delete operations.
_delete_dir _ - Directory delete operations.
_getattr _ - Get attribute operations.
_link _ - Link operations.
_lookup _ - Lookup operations.
_open _ - File open operations.
_read _ - File read operations.
_write _ - File write operations.
_rename _ - File rename operations.
_rename_dir _ - Directory rename operations.
_setattr _ - Set attribute operations.
_symlink _ - Symbolic link operations.

If you specify -file-operations then you must specify a valid protocol in the -protocol parameter.

[-filters <Filter>,…] - Filters

This parameter specifies a list of filters of given file operation or operations for the protocol specified in the -protocol parameter. The values in the -filters parameter are used to filter client requests. The list can include one or more of the following:

_ monitor-ads _ - Filter the client request for alternate data stream.
_ close-with-modification _ - Filter the client request for close with modification.
_ close-without-modification_ - Filter the client request for close without modification.
_ close-with-read _ - Filter the client request for close with read.
_ first-read _ - Filter the client requests for the first-read. When this filter is used for CIFS events, the first-read request within a CIFS session results in FPolicy processing. When this filter is used for NFS events, the -file-session-io-grouping-count and -file-session-io-grouping-duration configurations determine the first read-request for which FPolicy processing is done.
_ first-write _ - Filter the client requests for the first-write. When this filter is used for CIFS events, the first-write request within a CIFS session results in FPolicy processing. When this filter is used for NFS events, the -file-session-io-grouping-count and -file-session-io-grouping-duration configurations determine the first-write request for which FPolicy processing is done.
_ offline-bit _ - Filter the client request for offline bit set. Setting this filter, FPolicy server receives notification only when offline files are accessed.
_ open-with-delete-intent _ - Filter the client request for open with delete intent. Setting this filter, FPolicy server receives notification only when an attempt is made to open a file with the intent to delete it. This is used by file systems when the FILE_DELETE_ON_CLOSE flag is specified.
_ open-with-write-intent _ - Filter the client request for open with write intent. Setting this filter, FPolicy server receives notification only when an attempt is made to open a file with the intent to write something in it.
_ write-with-size-change _ - Filter the client request for write with size change.
_ setattr-with-owner-change _ - Filter the client setattr requests for changing owner of a file or directory.
_ setattr-with-group-change _ - Filter the client setattr requests for changing group of a file or directory.
_ setattr-with-sacl-change _ - Filter the client setattr requests for changing sacl on a file or directory.
_ setattr-with-dacl-change _ - Filter the client setattr requests for changing dacl on a file or directory.
_ setattr-with-modify-time-change _ - Filter the client setattr requests for changing the modification time of a file or directory.
_ setattr-with-access-time-change _ - Filter the client setattr requests for changing the access time of a file or directory.
_ setattr-with-creation-time-change _ - Filter the client setattr requests for changing the creation time of a file or directory.
_ setattr-with-mode-change _ - Filter the client setattr requests for changing the mode bits on a file or directory.
_ setattr-with-size-change _ - Filter the client setattr requests for changing the size of a file.
_ setattr-with-allocation-size-change _ - Filter the client setattr requests for changing the allocation size of a file.
_ exclude-directory _ - Filter the client requests for directory operations. When this filter is specified directory operations are not monitored.

If you specify a value for the -filters parameter, then you must also specify valid values for the -file-operations and -protocol parameters.

If the client sends multiple read/write requests simultaneously for the same file, then the first-read and first-write filters can result in more than one FPolicy notification.

[-volume-operation {true|false}] - Send Volume Operation Notifications

This parameter specifies whether volume operations generate notifications for the FPolicy event. If this field is set to true then FPolicy sends notifications when volumes are mounted or unmounted. By default, it is false .

Examples

The following example creates an FPolicy event.

cluster1::> vserver fpolicy policy event create -vserver vs1.example.com -event-name cifs_event -protocol cifs
                                                            -file-operations open,close,read,write -filters first-read,offline-bit
                                                            -volume-operation true
cluster1::> vserver fpolicy policy event show -vserver vs1.example.com -event-name cifs_event
Vserver: vs1.example.com
                  Event Name: cifs_event
                    Protocol: cifs
             File Operations: open, close, read, write
                     Filters: first-read, offline-bit
            Volume Operation: true

The following is a list of supported -file-operations and -filters for the CIFS protocol.

     Supported |
          File |
    Operations | Supported Filters
    ======================================================================================

    close      : monitor-ads, close-with-modification, close-without-modification,
                 offline-bit, close-with-read, exclude-directory
    create     : monitor-ads, offline-bit
    create_dir : none
    delete     : monitor-ads, offline-bit
    delete_dir : none
    getattr    : offline-bit, exclude-directory
    open       : monitor-ads, offline-bit, open-with-delete-intent, open-with-write-intent,
                 exclude-directory
    read       : monitor-ads, first-read, offline-bit
    write      : monitor-ads, first-write, offline-bit, write-with-size-change
    rename     : offline-bit, monitor-ads
    rename_dir : none
    setattr    : offline-bit, monitor-ads, setattr-with-owner-change,
                 setattr-with-group-change, setattr-with-sacl-change,
                 setattr-with-dacl-change, setattr-with-modify-time-change,
                 setattr-with-access-time-change, setattr-with-creation-time-change,
                 setattr-with-size-change, setattr-with-allocation-size-change,
                 exclude-directory

The following is a list of supported -file-operations and -filters for the nfsv3 protocol.

     Supported |
          File |
    Operations | Supported Filters
    ======================================================================================
     create     : offline-bit
     create_dir : none
     delete     : offline-bit
     delete_dir : none
     link       : offline-bit
     lookup     : offline-bit, exclude-directory
     read       : offline-bit, first-read
     write      : offline-bit, write-with-size-change, first-write
     rename     : offline-bit
     rename_dir : none
     setattr    : offline-bit, setattr-with-owner-change, setattr-with-group-change,
                  setattr-with-modify-time-change, setattr-with-access-time-change,
                  setattr-with-mode-change, setattr-with-size-change, exclude-directory
     symlink    : offline-bit

The following is a list of supported -file-operations and -filters for the nfsv4 protocol.

     Supported |
          File |
    Operations | Supported Filters
    ======================================================================================
     close      : offline-bit, exclude-directory
     create     : offline-bit
     create_dir : none
     delete     : offline-bit
     delete_dir : none
     getattr    : offline-bit, exclude-directory
     link       : offline-bit
     lookup     : offline-bit, exclude-directory
     open       : offline-bit, exclude-directory
     read       : offline-bit, first-read
     write      : offline-bit, write-with-size-change, first-write
     rename     : offline-bit
     rename_dir : none
     setattr    : offline-bit, setattr-with-owner-change, setattr-with-group-change,
                  setattr-with-sacl-change, setattr-with-dacl-change,
                  setattr-with-modify-time-change, setattr-with-access-time-change,
                  setattr-with-size-change, exclude-directory
     symlink    : offline-bit