https://community.netapp.com/t5/ONTAP-Discussions/Multi-admin-verification-query-any-way-to-exclude-application-accounts/m-p/457289#M44378 <P>Commvault is triggering ontap snapshot creation/deletion via AIQUM. with MAV rule "volume snapshot delete" this creates an approval request instead of just deleting it. I am wondering if there is any way to exclude this account from this rule. so something like operation="volume snapshot delete" and query="-requested-user=!&lt;AIQUM account&gt;".&nbsp;</P><P>&nbsp;</P><P>For the query options I have not found any documentation.&nbsp;</P> Wed, 11 Dec 2024 14:04:41 GMT SW1 2024-12-11T14:04:41Z https://community.netapp.com/t5/ONTAP-Discussions/Multi-admin-verification-query-any-way-to-exclude-application-accounts/m-p/457289#M44378 <P>Commvault is triggering ontap snapshot creation/deletion via AIQUM. with MAV rule "volume snapshot delete" this creates an approval request instead of just deleting it. I am wondering if there is any way to exclude this account from this rule. so something like operation="volume snapshot delete" and query="-requested-user=!&lt;AIQUM account&gt;".&nbsp;</P><P>&nbsp;</P><P>For the query options I have not found any documentation.&nbsp;</P> Wed, 11 Dec 2024 14:04:41 GMT https://community.netapp.com/t5/ONTAP-Discussions/Multi-admin-verification-query-any-way-to-exclude-application-accounts/m-p/457289#M44378 SW1 2024-12-11T14:04:41Z https://community.netapp.com/t5/ONTAP-Discussions/Multi-admin-verification-query-any-way-to-exclude-application-accounts/m-p/457312#M44387 <P><SPAN>Only one MAV rule can be created per operation; for example, you cannot make multiple&nbsp;</SPAN>volume-snapshot-delete<SPAN>&nbsp;rules. Any desired rule constraints must be contained within one rule.&nbsp; &nbsp;</SPAN></P><P><SPAN><A href="https://docs.netapp.com/us-en/ontap/multi-admin-verify/manage-rules-task.html" target="_blank" rel="noopener">Manage protected operation rules</A></SPAN></P> Thu, 12 Dec 2024 07:30:02 GMT https://community.netapp.com/t5/ONTAP-Discussions/Multi-admin-verification-query-any-way-to-exclude-application-accounts/m-p/457312#M44387 liu 2024-12-12T07:30:02Z https://community.netapp.com/t5/ONTAP-Discussions/Multi-admin-verification-query-any-way-to-exclude-application-accounts/m-p/457332#M44390 <P>This is clear to me. using the query option you can make sure snaphot delete operations will not require additional approval for volumes matching a pattern:&nbsp;</P><P>&nbsp;</P><P>rule create -operation="volume snapshot delete" -query="-volume !CC_CVLT*"</P><P>&nbsp;</P><P>with this rule deleting snapshots will trigger an approval request only for volumes not starting with this pattern. I would like to know if this can also be done with requested user but I have not found any detailed documentation for available options.&nbsp;</P> Thu, 12 Dec 2024 10:51:42 GMT https://community.netapp.com/t5/ONTAP-Discussions/Multi-admin-verification-query-any-way-to-exclude-application-accounts/m-p/457332#M44390 SW1 2024-12-12T10:51:42Z