I have seen similar events in the past and opened a case as well. NetApp is unable to identify the source because there is no logging of the client address. Also there is no auditing for NFSv3 access available. The log messages are completely useless this way. I complained about it, but as usual nobody cares at NetApp.