Skip to main content

vserver security trace filter show

Display a security trace entry

Availability: This command is available to cluster and Vserver administrators at the admin privilege level.

Description

The vserver security trace filter show command displays information about security trace filter entries. Prior to Data ONTAP 9.3, this feature was only supported for CIFS. In Data ONTAP 9.3 and later, this feature is supported for both NFS and CIFS.

NFS security trace filters are not supported for FlexGroup volumes, and will only be applied to the FlexVol volumes within the specified Vserver.

Parameters

{ [-fields <fieldname>, ...]
If you specify the -fields <fieldname>, ... parameter, the command output also includes the specified field or fields. You can use '-fields ?' to display the fields to specify.
| [-instance ]}
If you specify the -instance parameter, the command displays detailed information about all fields.
[-vserver <vserver name>] - Vserver
If you specify this parameter, the command displays permission tracing information only for filters applied to the specified Vserver.
[-index <integer>] - Filter Index
If you specify this parameter, the command displays permission tracing information only for filters with the specified filter index number.
[-protocols {cifs|nfs}, ...] - Protocols
If you specify this parameter, the command displays permission tracing information only for filters applied to the specified protocols.
[-client-ip <IP Address>] - Client IP Address to Match
If you specify this parameter, the command displays permission tracing information only for filters applied to the specified client IP address.
[-path <TextNoCase>] - Path
If you specify this parameter, the command displays permission tracing information only for filters applied to the specified path.
[-windows-name <TextNoCase>] - Windows User Name
If you specify this parameter, the command displays permission tracing information only for filters applied to the specified Windows user name.
[-unix-name <TextNoCase>] - UNIX User Name or User ID
If you specify this parameter, the command displays permission tracing information only for filters applied to the specified UNIX user name or user ID(for NFS specififc filters).
[-trace-allow {yes|no}] - Trace Allow Events
If you specify this parameter, the command displays information only about events that either trace or do not trace allow events, depending on the value provided.
[-enabled {enabled|disabled}] - Filter Enabled
If you specify this parameter, the command displays information only about filters that either are enabled or disabled, depending on the value provided.
[-time-enabled <integer>] - Minutes Filter is Enabled
If you specify this parameter, the command displays information only about filters that are disabled after the specified minutes.

Examples

The following example displays security trace filters for Vserver vserver1. 

cluster1::> vserver security trace filter show
Vserver  Index   Client-IP     Path          Trace-Allow Windows-Name  Protocol
-------- ----- ------------ ---------------- ----------- ------------- --------
vserver1 1     -            -                no          domain\user   cifs
vserver1 2     192.168.2.3  -                yes         -             cifs
vserver1 3     -            /dir1/dir2/file  no          domain\       cifs
                                                         administrator
vserver1 4     -            file             yes         -             nfs
4 entries were displayed.