Thanks for the response, it confirms what I thought I was reading in the guides. I have been unpicking an old filer and trying to
make sense of the configuration.
Just for clarity can you confirm in the new environment ONTAP 9.1 P1 the volume is : /vol/volname security = UNIX
it is exposed to clients via NFS exports And CIFS Shares.
So if I add suitable NFSv4 ACL to the volume. I should get audit events when the share is access from either
NFS or CIFS protocals. Is that correct ?