I want to use auditing to detect if anyone has accessed /~snapshot. We are using cluster mode 8.x.
When testing this my results are eratic. Sometimes accessing a prevous version of a file is captured in the audit log but usually not.
there's command "volume snapshot event-config modify" on 8.3. but enabling this might cause excessive logging into /mroot.
The NetApp Support Site won an Association of Support Professionals Best Support Website in 2022 award.
Live Chat, Watch Parties, and More!