Hi all,

We use CIFS and NFS audit function (using SLAG) to collect file access events (read,write, delete...). We used this procedure : https://library.netapp.com/ecmdocs/ECMP1196993/html/GUID-06C74280-7DC2-4DC9-AEDB-57E83AEAABBE.html

It works well for CIFS file access, but for NFS file access, the IP adress shown in audit logs is invalid : source IP appears as 68.0.0.0  :

We made several tests (on different filers and qtrees) and each time the issue is the same : an invalid IP address wich is not exploitable

Any suggestions to solve this issue ?

Thx for your help