ONTAP 9.12.1 commands

50←PDF
  • ONTAP 9.12.1 commands(CA08871-263en.pdf)
  • vserver security trace filter show

    Display a security trace entry

    Availability: This command is available to cluster and Vserver administrators at the admin privilege level.

    Description

    The vserver security trace filter show command displays information about security trace filter entries. Prior to Data ONTAP 9.3, this feature was only supported for CIFS. In Data ONTAP 9.3 and later, this feature is supported for both NFS and CIFS.

    NFS security trace filters are not supported for FlexGroup volumes, and will only be applied to the FlexVol volumes within the specified Vserver.

    Parameters

    { [-fields <fieldname>,…​]

    If you specify the -fields <fieldname>, …​ parameter, the command output also includes the specified field or fields. You can use '-fields ?' to display the fields to specify.

    | [-instance ] }

    If you specify the -instance parameter, the command displays detailed information about all fields.

    [-vserver <vserver name>] - Vserver

    If you specify this parameter, the command displays permission tracing information only for filters applied to the specified Vserver.

    [-index <integer>] - Filter Index

    If you specify this parameter, the command displays permission tracing information only for filters with the specified filter index number.

    [-protocols {cifs|nfs}] - Protocols

    If you specify this parameter, the command displays permission tracing information only for filters applied to the specified protocols.

    [-client-ip <IP Address>] - Client IP Address to Match

    If you specify this parameter, the command displays permission tracing information only for filters applied to the specified client IP address.

    [-path <TextNoCase>] - Path

    If you specify this parameter, the command displays permission tracing information only for filters applied to the specified path.

    [-windows-name <TextNoCase>] - Windows User Name

    If you specify this parameter, the command displays permission tracing information only for filters applied to the specified Windows user name.

    [-unix-name <TextNoCase>] - UNIX User Name or User ID

    If you specify this parameter, the command displays permission tracing information only for filters applied to the specified UNIX user name or user ID(for NFS specififc filters).

    [-trace-allow {yes|no}] - Trace Allow Events

    If you specify this parameter, the command displays information only about events that either trace or do not trace allow events, depending on the value provided.

    [-enabled {enabled|disabled}] - Filter Enabled

    If you specify this parameter, the command displays information only about filters that either are enabled or disabled, depending on the value provided.

    [-time-enabled <integer>] - Minutes Filter is Enabled

    If you specify this parameter, the command displays information about the time durations configured for filters during creation.

    Examples

    The following example displays security trace filters for Vserver vserver1 .

    cluster1::> vserver security trace filter show
    Vserver  Index   Client-IP     Path          Trace-Allow Windows-Name  Protocol
    -------- ----- ------------ ---------------- ----------- ------------- --------
    vserver1 1     -            -                no          domain\user   cifs
    vserver1 2     192.168.2.3  -                yes         -             cifs
    vserver1 3     -            /dir1/dir2/file  no          domain\       cifs
                                                             administrator
    vserver1 4     -            file             yes         -             nfs
    4 entries were displayed.
    Top of Page