ONTAP 9.14.1 commands

vserver fpolicy policy show

Display policy configuration

Availability: This command is available to cluster and Vserver administrators at the admin privilege level.

Description

The vserver fpolicy policy show command displays information about all FPolicy policies belonging to the Vserver. Any Vserver administrator can see FPolicy policies associated with their Vserver as well as policies created by the cluster administrator. The command output depends on the parameter or parameters specified with the command. If you do not specify any parameters, the command displays the following information about all FPolicy policies:

  • Vserver name

  • Policy name

  • Events to monitor

  • FPolicy engine

  • Is mandatory screening required

  • Allow privileged access

  • User name for privileged access

You can specify the -fields parameter to specify which fields of information to display about FPolicy policies. You can specify additional parameters to display only information that matches those parameters. For example, to display information only about FPolicy policies where the FPolicy server requires privileged access, run the command with the -fields parameter set to policy-name (no "-") and -allow-privileged-access parameter set to yes .

You can specify the -instance parameter to display all information for all policies in the list form.

Parameters

{ [-fields <fieldname>,…​]

If you specify the -fields <fieldname>, …​ parameter, the command only displays the fields that you specify.

| [-instance ] }

If you specify the -instance parameter, the command displays detailed information about all entries.

[-vserver <Vserver Name>] - Vserver

If you specify this parameter, the command displays information only about the FPolicy policies for the specified Vserver. FPolicy policies created by the cluster administrator are visible for all Vservers.

[-policy-name <Policy name>] - Policy

If you specify this parameter, the command displays information only about the FPolicy policy that you specify.

[-events <Event name>,…​] - Events to Monitor

If you specify this parameter, the command displays information only about the FPolicy policy or policies that use the specified event or events.

[-engine <Engine name>] - FPolicy Engine

If you specify this parameter, the command displays information only about the FPolicy policy or policies that use the specified engine.

[-is-mandatory {true|false}] - Is Mandatory Screening Required

If you specify this parameter, the command displays information only about the FPolicy policy or policies that use the specified mandatory attribute.

[-allow-privileged-access {yes|no}] - Allow Privileged Access

If you specify this parameter, the command displays information only about the FPolicy policy or policies that use the specified privileged access.

[-privileged-user-name <text>] - User Name for Privileged Access

If you specify this parameter, the command displays information only about the FPolicy policy or policies that use the specified privileged user name.

[-is-passthrough-read-enabled {true|false}] - Is Passthrough Read Enabled

If you specify this parameter, the command displays information only about the FPolicy policies that use the specified passthrough-read setting.

[-persistent-store <text>] - Persistent Store Name

This parameter specifies persistent storage name. This can then be used for enabling the Peristent mode for Fpolicy events.

Examples

The following example displays the information about FPolicy policies on the cluster using the vserver fpolicy policy show command.

cluster1::> vserver fpolicy policy show
Vserver         Policy       Events     Engine         Is Mandatory  PrivAccess
--------------- -----------  ---------- -------------  ------------  ----------
Cluster         cserver_pol  cserver_   cserver_eng    true          yes
                             evt
vs1.example.com p            r          n              true          no
vs1.example.com cserver_pol  cserver_   cserver_eng    true          yes
                             evt
vs2.example.com cserver_pol  cserver_   cserver_eng    true          yes
                             evt
4 entries were displayed.

The following example displays FPolicy policy name information about all Vserver FPolicy policies with the -allow-privileged-access parameter set to "yes".

cluster1::> vserver fpolicy policy show -fields policy-name -allow-privileged-access yes
vserver         policy-name
--------------- -----------
Cluster         cserver_pol
vs1.example.com cserver_pol
vs2.example.com cserver_pol
3 entries were displayed.
Top of Page