ONTAP Discussions

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

ONTAP Discussions

Ask a Question

CIFS share auditing for deleting/modifing/moving items

FelixZhou
‎2019-12-13 01:33 PM
4,150 Views

on EMC VNX, we can redirect the auditing log to different file system. Not sure if we can do the same on NetApp AFF. we will need to trace the file and folder deleting, modifying and moving actions on CIFS shares. Any sugestions will be appreciated.

thanks

0 Kudos
4 REPLIES 4

Ontapforrum
‎2019-12-13 06:26 PM
4,110 Views

For reference:
How to set up CIFS auditing with clustered Data ONTAP
https://kb.netapp.com/app/answers/answer_view/a_id/1030726


FAQ: ONTAP/Data ONTAP Log Overview
https://kb.netapp.com/app/answers/answer_view/a_id/1001023

This is a general audit.log file, it is sent by the AutoSupport tool to the specified recipients. You can also forward the content securely to external destinations that you specify; for example, a Splunk or a syslog server.

FelixZhou
‎2019-12-15 09:02 AM
In response to Ontapforrum
4,022 Views

thanks for replay.  It looks more on auditing of NetApp user activities rather than on data changes.  if any further information on this, please share.

0 Kudos

Ontapforrum
‎2019-12-16 02:31 AM
In response to FelixZhou
3,984 Views

I think you are looking for 'file' access events.

 

There are also 3rd Party FPOLICY servers which is supported with cDOT,  which also does the CIFS audit in more depth with a GUI (Front-end app).

 

FAQ: FPolicy: Auditing 
https://kb.netapp.com/app/answers/answer_view/a_id/1000982


More reference material:
Deciding whether to use the SMB/CIFS and NFS Auditing and Security Tracing Guide:
https://docs.netapp.com/ontap-9/index.jsp?topic=%2Fcom.netapp.doc.cdot-famg-cifs%2FGUID-39EA9A84-7543-4C3E-912E-387F232755F8.html&lang=en

 

Clustered Data ONTAP CIFS Auditing Quick Start Guide:
https://www.netapp.com/us/media/tr-4189.pdf

https://kb.netapp.com/app/answers/answer_view/a_id/1030726


SMB/CIFS and NFS Auditing and Security Tracing Guide:
https://docs.netapp.com/ontap-9/index.jsp?topic=%2Fcom.netapp.doc.dot-cifs-nfs-audit%2FGUID-01F56118-DE39-4DD0-ACAC-567E394A514A.html&lang=en

liu
‎2025-04-29 02:12 AM
446 Views

There are detailed documents about the audit in this link

How to set up NAS auditing in ONTAP 9 - NetApp Knowledge Base

NAS auditing for CIFS and NFS - FAQ - NetApp Knowledge Base

0 Kudos
All Community Forums
Public