https://community.netapp.com/t5/ONTAP-Discussions/Audit-file-folder-access-from-specific-IP/m-p/158964#M36282 <P>No problem Eric,&nbsp; &nbsp;and keep in mind what&nbsp;<a href="https://community.netapp.com/t5/user/viewprofilepage/user-id/11621">@parisi</a>&nbsp; said.&nbsp;</P> Tue, 25 Aug 2020 14:04:23 GMT SpindleNinja 2020-08-25T14:04:23Z https://community.netapp.com/t5/ONTAP-Discussions/Audit-file-folder-access-from-specific-IP/m-p/158813#M36233 <P>I'm looking for a way to see when users access CIFS on specific SVM from specific IP what files they are accessing.&nbsp;</P> <P>&nbsp;</P> <P>Have a network segment will be isolating and want to verify if clients in this range are accessing CIF shares.</P> <P>&nbsp;</P> <P>&nbsp;</P> Wed, 04 Jun 2025 10:56:30 GMT https://community.netapp.com/t5/ONTAP-Discussions/Audit-file-folder-access-from-specific-IP/m-p/158813#M36233 ECEDERGREN 2025-06-04T10:56:30Z https://community.netapp.com/t5/ONTAP-Discussions/Audit-file-folder-access-from-specific-IP/m-p/158818#M36234 <P>Basic CIFS Audit will have what you need. &nbsp; &nbsp;You can collect the load (use the XLM collect) and grab the file and search via IP. &nbsp;&nbsp;</P> <P>&nbsp;</P> <P><A href="https://url.emailprotection.link/?bZiDLwq3m5MUgk8TtrJD_zuxWwKnkUeJCZkHhF2-C8yglURMDu2AlSz6pdHBrknZ-EbIwU7pCIer5TNUilNdXa2FYOCd7ptm9vrkIpkimfTzMZgJDWpXV1YGDdZJ1rdPgXPpn5VbMuj3UeduwgbtXJpBQwAxobndBuvSxikaVAL4okiTzmSgmFBbCDnN48x5aOGstovzQFsXP3PYXKhUmcvuiu1D5hNTZj8zx89Gj0Q2gBRiKXjyWqc0VQowDb7lfskPLUYSEdoDuQlaNWWelM4Y3cMYJNB3GwtKxZtBiKpwWahF8M1Oks-Z6B4oQr1k1sNKRcz_KkF6yhF0ewrRV670mpkQSpL7E2HCqUALdws8pDDrROSowusjRzhkf1k4XDnBLXhrdG8UTADoHW6fe3dP0wmeT9lXBjPhdkpRaNZc~" target="_blank">https://docs.netapp.com/ontap-9/topic/com.netapp.doc.dot-cifs-nfs-audit/home.html</A></P> <P>&nbsp;</P> Thu, 20 Aug 2020 15:06:36 GMT https://community.netapp.com/t5/ONTAP-Discussions/Audit-file-folder-access-from-specific-IP/m-p/158818#M36234 SpindleNinja 2020-08-20T15:06:36Z https://community.netapp.com/t5/ONTAP-Discussions/Audit-file-folder-access-from-specific-IP/m-p/158959#M36279 <P>Looks like&nbsp;<SPAN style="text-align: left; color: #000066; text-transform: none; text-indent: 0px; letter-spacing: normal; font-family: Arial,Verdana,sans-serif; font-size: 18.2px; font-style: normal; font-variant: normal; text-decoration: none; word-spacing: 0px; display: inline !important; white-space: normal; orphans: 2; float: none; -webkit-text-stroke-width: 0px; background-color: transparent;">security trace filters will do what I need. Thanks for pointing me in right direction.&nbsp;</SPAN></P> Tue, 25 Aug 2020 13:10:07 GMT https://community.netapp.com/t5/ONTAP-Discussions/Audit-file-folder-access-from-specific-IP/m-p/158959#M36279 ECEDERGREN 2020-08-25T13:10:07Z https://community.netapp.com/t5/ONTAP-Discussions/Audit-file-folder-access-from-specific-IP/m-p/158962#M36281 <P>Keep in mind you don't want to keep security trace filters enabled indefinitely (if you're referring to vserver security trace).</P> <P>&nbsp;</P> <P>Instead, use native SMB audit or a 3rd party fpolicy server.</P> Tue, 25 Aug 2020 13:44:49 GMT https://community.netapp.com/t5/ONTAP-Discussions/Audit-file-folder-access-from-specific-IP/m-p/158962#M36281 parisi 2020-08-25T13:44:49Z https://community.netapp.com/t5/ONTAP-Discussions/Audit-file-folder-access-from-specific-IP/m-p/158964#M36282 <P>No problem Eric,&nbsp; &nbsp;and keep in mind what&nbsp;<a href="https://community.netapp.com/t5/user/viewprofilepage/user-id/11621">@parisi</a>&nbsp; said.&nbsp;</P> Tue, 25 Aug 2020 14:04:23 GMT https://community.netapp.com/t5/ONTAP-Discussions/Audit-file-folder-access-from-specific-IP/m-p/158964#M36282 SpindleNinja 2020-08-25T14:04:23Z