I am trying to find a way to collect the Fpolicy events. Is there any documentation on the protocol used by fpolicy?
I am wondering if the raw messages could be received by listening on a TCP port.
These documents might be useful.https://docs.netapp.com/us-en/ontap/pdfs/sidebar/Use_FPolicy_for_file_monitoring_and_management_on_SVMs.pdf
I am not sure what events your wanting to see but check the commands and links below to see if any meet your needs. Your Fpolicy server may provide the events your looking to review.
::>vserver fpolicy policy event show
Varonis For NetApp ONTAP
How FPolicy works
NetApp File Activity Monitoring
FAQ: FPolicy: Auditing
We use one or more of the following protocols when we communicate with the FPolicy server: http(s), tcp, or CIFS(NFSv4 possible in the future).
You can reference the following KBs for some additional information on NetApp FPolicy
KB: FPolicy: What is it and what does it do
KB: What are the FPolicy partner solutions for ONTAP?
The 2nd KB includes some additional links to our Technical Reports for specific vendors. We also provides a cloud based fpolicy solution Cloud Secure via Cloud Insights.
Let us know if you have any additional questions.
Join our Discord Community