ONTAP 9.12.1 commands

50←PDF
  • ONTAP 9.12.1 commands(CA08871-263en.pdf)
  • vserver vscan on-demand-task create

    Create an On-Demand task

    Availability: This command is available to cluster and Vserver administrators at the admin privilege level.

    Description

    The vserver vscan on-demand-task create command creates an On-Demand task. The On-Demand task consists of a set of attributes that are used for configuring the scope of scanning. It also specifies the cron schedule at which the task should run.

    Parameters

    -vserver <vserver name> - Vserver

    This parameter specifies the name of the Vserver on which you want to create an On-Demand task.

    -task-name <text> - Task Name

    This parameter specifies the name of the On-Demand task that you want to create. An On-Demand task name can be up to 256 characters long.

    -scan-paths <text>,…​ - List of Scan Paths

    This parameter specifies a list of paths, separated by commas, for virus scanning. This path is given from the root of the Vserver using UNIX path delimiter "/".

    -report-directory <text> - Report Directory Path

    This parameter specifies a directory path where the On-Demand report file is created. Each run for a task creates a new file. The report directory path is given from the root of the Vserver using UNIX path delimiter "/".

    [-schedule <text>] - Job Schedule

    This parameter specifies the already existing cron schedule. The On-Demand task triggers virus scanning for the specified scan-paths at the time configured in the schedule.

    A Vserver can have only one scheduled task at a time.
    [-max-file-size {<integer>[KB|MB|GB|TB|PB]}] - Max File Size Allowed for Scanning

    This parameter specifies the maximum size of the file that will be considered for virus scanning. By default, it is 10GB .

    [-paths-to-exclude <text>,…​] - File Paths Not to Scan

    This parameter specifies a list of paths, separated by commas, to exclude from virus scanning. This path is given from the root of the Vserver using UNIX path delimiter "/". By default, no paths are excluded. The path can be in one of the following forms:

    • /dir1/dir2/name - This would match "/dir1/dir2/name" as well as "/dir1/dir2/name/…​".

    • /dir1/dir2/name/ - This would only match "/dir1/dir2/name/…​".

    If you are using the CLI, you must delimit all paths with double quotation marks ("). For instance, to add the paths "/vol/a b/" and "/vol/a,b/" to the -paths-to-exclude in the CLI, type "/vol/a b/","/vol/a,b/" at the command prompt.
    [-file-ext-to-exclude <File extension>,…​] - File Extensions Not to Scan

    This parameter specifies a list of file extensions, separated by commas, to exclude from virus scanning. By default, no file extensions are excluded. Each file extension can be up to 16 characters long. The -file-ext-to-exclude supports wildcard patterns containing "*" and "?". Pattern matching is defined as:

    • * - Matches any string, including the empty string. For example, mp* matches mp, mp3, mp4, mpeg etc.

    • ? - Matches any single character. For example, mp? matches mp3, mp4 but not mp and mpeg.

    If you are using the CLI, you must delimit all patterns with double quotation marks ("). For instance, to enter the pattern mp* in the CLI, type "mp*" at the command prompt. To add a "?" to the expression, press ESC followed by the "?".
    [-file-ext-to-include <File extension>,…​] - File Extensions to Scan

    This parameter specifies a list of file extensions, separated by commas, to include for virus scanning. By default it is * , which means all the file extensions are considered for virus scanning except those that match one of the patterns provided in -file-ext-to-exclude list. Each file extension can be up to 16 characters long. The -file-ext-to-include supports wildcard patterns containing "*" and "?". Pattern matching is defined as:

    • * - Matches any string, including the empty string. For example, mp* matches mp, mp3, mp4, mpeg etc.

    • ? - Matches any single character. For example, mp? matches mp3, mp4 but not mp and mpeg.

    If you are using the CLI, you must delimit all patterns with double quotation marks ("). For instance, to enter the pattern mp* in the CLI, type "mp*" at the command prompt. To add a "?" to the expression, press ESC followed by the "?".
    If you specify both -file-ext-to-include and -file-ext-to-exclude lists, then only those file extensions are considered for virus scanning which match one of the patterns provided in -file-ext-to-include list but do not match any of the patterns provided in -file-ext-to-exclude list.
    [-scan-files-with-no-ext {true|false}] - Scan Files with No Extension

    This parameter specifies if the files without any extension are considered for virus scanning or not. By default, it is true.

    [-request-timeout <[<integer>h][<integer>m][<integer>s]>] - Request Service Timeout

    This parameter specifies the timeout value for a scan request. It is used to specify the time interval in which the node waits for a response from the Vscan server. Beyond this timeout period, the scan request is considered as failed. The value for this field must be between 10s and 1h. By default, it is 5m.

    [-cross-junction {true|false}] - Cross Junction

    This parameter specifies if the On-Demand task is allowed to cross volume junctions. If the parameter is set to false, crossing junctions is not allowed. By default, it is true.

    [-directory-recursion {true|false}] - Directory Recursion

    This parameter specifies if the On-Demand task is allowed to recursively scan through sub-directories. If the parameter is set to false, recursive scanning is not allowed. By default, it is true.

    [-scan-priority {low|normal}] - Scan Priority

    This parameter specifies the priority of the On-Demand scan requests generated by this task compared to On-Access scan requests. By default, it is low.

    [-report-log-level {verbose|info|error}] - Report Log Level

    This parameter specifies the log level of the On-Demand report. By default, it is info.

    [-report-expiry-time <[<integer>h][<integer>m][<integer>s]>] - Expiration Time for Report

    This parameter specifies the expiration time for the reports generated by On-Demand scans. Once this time elapses, the reports are auto-deleted. The default value is 0, which means reports are retained until they are manually deleted.

    Examples

    The following example creates an On-Demand task:

    cluster1::> vserver vscan on-demand-task create -vserver vs1 -task-name t1
                -scan-paths "/vol1/","/vol2/cifs/" -report-directory "/report"
                -schedule daily -max-file-size 5GB -paths-to-exclude "/vol1/cold-files/"
                -file-ext-to-include "vmdk?","mp*" -file-ext-to-exclude "mp3","mp4"
                -scan-files-with-no-ext false -request-timeout 2m -cross-junction false
                -directory-recursion true -scan-priority low -report-log-level verbose
                -report-expiry-time 12h
    [Job 126]: Vscan On-Demand job is queued. Use the "job show -id 126" command to view the status.
    
    cluster1::> vserver vscan on-demand-task show -instance -vserver vs1 -task-name t1
    Vserver: vs1
                             Task Name: t1
                    List of Scan Paths: /vol1/, /vol2/cifs/
                 Report Directory Path: /report
                          Job Schedule: daily
    Max File Size Allowed for Scanning: 5GB
                File Paths Not to Scan: /vol1/cold-files/
           File Extensions Not to Scan: mp3, mp4
               File Extensions to Scan: vmdk, mp*
          Scan Files with No Extension: false
               Request Service Timeout: 2m
                        Cross Junction: false
                   Directory Recursion: true
                         Scan Priority: low
                      Report Log Level: verbose
    Top of Page