Chatta subito con l'assistenza
Chat con il supporto

Change Auditor for NetApp 7.1.1 - User Guide

NetApp Filer Events

The following events can be selected for auditing from the Events tab on the NetApp Auditing wizard. The events listed on the Events tab is based on the file/folder specified in the Audit Path and the coverage specified in the Scope cell.

File Events
NetApp File access rights changed (no from-value)
NetApp File contents written
NetApp File created
NetApp File deleted
NetApp File moved
NetApp File opened (Only available when Audit Path is File)
NetApp File ownership changed (no from-value)
NetApp File renamed
Folder Events
NetApp Folder access rights changed (no from-value)
NetApp Folder created
NetApp Folder deleted
NetApp Folder moved
NetApp Folder ownership changed (no from-value)
NetApp Folder renamed
 

 

File and Folder Inclusion and Exclusion Examples

This section provides sample entries for the Inclusions and Exclusions tabs on the auditing wizard. It does not list every combination available, but provides a variety of examples to help you understand how to use the wildcard characters allowed on these two tabs.

The Inclusions and Exclusions tabs only appear when the Folder, Volume or All Volumes option is selected in the Audit Path field and the Scope includes child objects. Use these two tabs as described below:
Inclusions tab - enter a file mask to specify what is to be audited.
Exclusions tab - optionally enter a file mask (or path) to specify subfolders and files in the selected audit path that are to be excluded from auditing.

Inclusions tab

You must enter a file mask on the Inclusions tab to specify what is to be audited in the selected audit path. Use the following characters to specify a file mask on the Inclusions tab:
Fixed characters such as letters, numbers and other characters that are allowed in file names.
An asterisk (*) wildcard character to substitute zero or more characters.
Question mark (?) wildcard character to substitute a single character.
A double asterisk (**) to specify a recursive match. (find match in the folder and all subfolders in audit path).
* 
NOTE: The slash (\) and double asterisk (**) characters can only be used with volumes.
Examples:

The following table provides some examples of file masks that can be used on the Inclusions tab of the auditing wizard. Note that <String> in this table may contain any of the file mask characters described above (i.e., fixed characters, * or ?).

Table 3. Inclusion examples
What is included in the audit
Inclusion syntax/examples:

Include all files located anywhere in the audit path.

NOTE: This is the most commonly used file mask.

Inclusion Syntax: *

Include all files with a specific file name regardless of its file extension.

Inclusion Syntax: <FileName>.*

Example: Name.*

Includes:
Name.txt
Name.docx
Name.pdf

Include all files with a specific file extension.

Inclusion Syntax: <FileNameString>.<Ext>

Example 1: *.tmp

Includes:
Files with a file extension of .tmp.

Name.tmp
Testing.tmp

Example 2: ???*.doc

Includes:
Files whose name contains at least three characters with a file extension of .doc.

MyTest.doc
Testing123.doc
123.doc

Example 3: ???test.doc

Includes:
Files whose name contains seven characters and ends in ‘test’ with a file extension of .doc.

ABCtest.doc
123test.doc

Include all files with a specific file name that has a file extension of a specific length (number of characters).

Inclusion Syntax: <FileName>.<ExtString>

Example 1: Name.???

Includes:
Name.txt
Name.tmp
Name.pdf

Example 2: Name.????

Includes:
Name.docx
Name.xlsx

Include all files that contain a specific string in their name and/or file extension.

Inclusion Syntax: <FileNameString>.<ExtString>

Example: *name.??p

Includes:
Files whose name end with ‘name’ with a three character file extension that ends in the letter ‘p’.

Myname.tmp
Name.bmp

 

Exclusions tab

If you do not want to exclude anything (folders or files) in the audit path from auditing, skip this tab. However, if you want to exclude a specific folder/file or group of folders/files, use the following characters to specify what is to be excluded:
Fixed characters such as letters, numbers and other characters that are allowed in file names.
An asterisk (*) wildcard character to substitute zero or more characters.
* 
NOTE: Use a single asterisk (*) to specify a non-recursive match (find match in the folder only; does not match any slash characters (\)).

Use a double asterisk (**) to specify a recursive match (find match in the folder and all subfolders in audit path; matches slash characters (\) and directory names in paths).
Question mark (?) wildcard character to substitute a single character (does not match any slash characters (\).
* 
NOTE: Be sure to select the appropriate Add option (Folder or File) when adding an exclusion or you may not get the results expected. That is, use Add | Folder to exclude the auditing of activity against files/subfolders in folder(s) that match the exclusion string. Use Add | File to exclude the auditing of activity against file(s) that match the exclusion string.
Exclusion examples

These examples show how to use file masks on the Exclusions tab of the auditing wizard. Note that <String> in these examples may contain any of the file mask characters described above (such as, fixed characters, * or ?).
Folder exclusion examples
Volume exclusion examples
All volume exclusion examples
Related Documents

The document was helpful.

Seleziona valutazione

I easily found the information I needed.

Seleziona valutazione