netapp.ontap.na_ontap_vserver_audit module – NetApp Ontap - create, delete or modify vserver audit configuration.
Note
This module is part of the netapp.ontap collection (version 22.12.0).
You might already have this collection installed if you are using the ansible package. It is not included in ansible-core. To check whether it is installed, run ansible-galaxy collection list.
To install it, use: ansible-galaxy collection install netapp.ontap. You need further requirements to be able to use this module, see Requirements for details.
To use it in a playbook, specify: netapp.ontap.na_ontap_vserver_audit.
New in netapp.ontap 22.3.0
Synopsis
- Create, delete or modify vserver audit configuration.
Requirements
The below requirements are needed on the host that executes this module.
- Ansible 2.9 or later - 2.12 or later is recommended.
- Python3 - 3.9 or later is recommended.
- When using ZAPI, netapp-lib 2018.11.13 or later (install using ‘pip install netapp-lib’), netapp-lib 2020.3.12 is strongly recommended as it provides better error reporting for connection issues
- a physical or virtual clustered Data ONTAP system, the modules support Data ONTAP 9.1 and onward, REST support requires ONTAP 9.6 or later
Parameters
Parameter | Comments |
---|---|
cert_filepath string added in netapp.ontap 20.6.0 | path to SSL client cert file (.pem). not supported with python 2.6. |
enabled boolean | Specifies whether or not auditing is enabled on the SVM. Choices: |
events dictionary | Specifies events for which auditing is enabled on the SVM. |
events.authorization_policy boolean | Authorization policy change events. Choices: |
events.cap_staging boolean | Central access policy staging events. Choices: |
events.cifs_logon_logoff boolean | CIFS logon and logoff events. Choices: |
events.file_operations boolean | File operation events. Choices: |
events.file_share boolean | File share category events. Choices: |
events.security_group boolean | Local security group management events. Choices: |
events.user_account boolean | Local user account management events. Choices: |
feature_flags dictionary added in netapp.ontap 20.5.0 | Enable or disable a new feature. This can be used to enable an experimental feature or disable a new feature that breaks backward compatibility. Supported keys and values are subject to change without notice. Unknown keys are ignored. |
force_ontap_version string added in netapp.ontap 21.23.0 | Override the cluster ONTAP version when using REST. The behavior is undefined if the version does not match the target cluster. This is provided as a work-around when the cluster version cannot be read because of permission issues. See https://github.com/ansible-collections/netapp.ontap/wiki/Known-issues. This should be in the form 9.10 or 9.10.1 with each element being an integer number. When Ignored with ZAPI. |
guarantee boolean | Indicates whether there is a strict Guarantee of Auditing. This option requires ONTAP 9.10.1 or later. Choices: |
hostname string / required | The hostname or IP address of the ONTAP instance. |
http_port integer | Override the default port (80 or 443) with this port |
https boolean | Enable and disable https. Ignored when using REST as only https is supported. Ignored when using SSL certificate authentication as it requires SSL. Choices: |
key_filepath string added in netapp.ontap 20.6.0 | path to SSL client key file. |
log dictionary | Specifies events for which auditing is enabled on the SVM. |
log.format string | This option describes the format in which the logs are generated by the consolidation process. Possible values are xml (Data ONTAP-specific XML log format) and evtx (Microsoft Windows EVTX log format). Choices: |
log.retention dictionary | This option describes the count and time to retain the audit log file. |
log.retention.count integer | Determines how many audit log files to retain before rotating the oldest log file out. This is mutually exclusive with duration. |
log.retention.duration string | Specifies an ISO-8601 format date and time to retain the audit log file. The audit log files are deleted once they reach the specified date/time. This is mutually exclusive with count. |
log.rotation dictionary | Audit event log files are rotated when they reach a configured threshold log size or are on a configured schedule. When an event log file is rotated, the scheduled consolidation task first renames the active converted file to a time-stamped archive file, and then creates a new active converted event log file. |
log.rotation.schedule dictionary added in netapp.ontap 22.11.0 | Rotates the audit logs based on a schedule by using the time-based rotation parameters in any combination. The rotation schedule is calculated by using all the time-related values. |
log.rotation.schedule.days list / elements=integer | Specifies the day of the month schedule to rotate the audit log. Specify -1 to rotate the audit logs all days of a month. |
log.rotation.schedule.hours list / elements=integer | Specifies the hourly schedule to rotate the audit log. Specify -1 to rotate the audit logs every hour. |
log.rotation.schedule.minutes list / elements=integer | Specifies the minutes schedule to rotate the audit log. |
log.rotation.schedule.months list / elements=integer | Specifies the months schedule to rotate the audit log. Specify -1 to rotate the audit logs every month. |
log.rotation.schedule.weekdays list / elements=integer | Specifies the weekdays schedule to rotate the audit log. Specify -1 to rotate the audit logs every day. |
log.rotation.size integer | Rotates logs based on log size in bytes. Default value is 104857600. |
log_path string | The audit log destination path where consolidated audit logs are stored. |
ontapi integer | The ontap api version to use |
password aliases: pass string | Password for the specified user. |
state string | Whether the specified vserver audit configuration should exist or not. Choices: |
use_rest string | Whether to use REST or ZAPI. always – will always use the REST API if the module supports REST. A warning is issued if the module does not support REST. An error is issued if a module option is not supported in REST. never – will always use ZAPI if the module supports ZAPI. An error may be issued if a REST option is not supported in ZAPI. auto – will try to use the REST API if the module supports REST and modules options are supported. Reverts to ZAPI otherwise. Default: |
username aliases: user string | This can be a Cluster-scoped or SVM-scoped account, depending on whether a Cluster-level or SVM-level API is required. For more information, please read the documentation https://mysupport.netapp.com/NOW/download/software/nmsdk/9.4/. Two authentication methods are supported. To use a certificate, the certificate must have been installed in the ONTAP cluster, and cert authentication must have been enabled. |
validate_certs boolean | If set to This should only set to Choices: |
vserver string / required | Specifies name of the Vserver. |
Notes
- This module supports REST only.
- At least one event should be enabled.
- No other fields can be specified when enabled is specified for modify.
- The modules prefixed with na_ontap are built to support the ONTAP storage platform.
- https is enabled by default and recommended. To enable http on the cluster you must run the following commands ‘set -privilege advanced;’ ‘system services web modify -http-enabled true;’
Examples
```yaml
- name: Create vserver audit configuration
  netapp.ontap.na_ontap_vserver_audit:
    state: present
    vserver: ansible
    enabled: True
    events:
      authorization_policy: False
      cap_staging: False
      cifs_logon_logoff: True
      file_operations: True
      file_share: False
      security_group: False
      user_account: False
    log_path: "/"
    log:
      format: xml
      retention:
        count: 4
      rotation:
        size: "1048576"
    guarantee: False
    hostname: "{{ netapp_hostname }}"
    username: "{{ netapp_username }}"
    password: "{{ netapp_password }}"

- name: Modify vserver audit configuration
  netapp.ontap.na_ontap_vserver_audit:
    state: present
    vserver: ansible
    enabled: True
    events:
      authorization_policy: True
      cap_staging: True
      cifs_logon_logoff: True
      file_operations: True
      file_share: True
      security_group: True
      user_account: True
    log_path: "/tmp"
    log:
      format: evtx
      retention:
        count: 5
      rotation:
        size: "104857600"
    guarantee: True
    hostname: "{{ netapp_hostname }}"
    username: "{{ netapp_username }}"
    password: "{{ netapp_password }}"

- name: Delete vserver audit configuration
  netapp.ontap.na_ontap_vserver_audit:
    state: absent
    vserver: ansible
    hostname: "{{ netapp_hostname }}"
    username: "{{ netapp_username }}"
    password: "{{ netapp_password }}"

# The audit logs are rotated in January and March on Monday, Wednesday, and Friday,
# at 6:15, 6:30, 6:45, 12:15, 12:30, 12:45, 18:15, 18:30, and 18:45
# The last 6 audit logs are retained
- name: Create vserver audit configuration
  netapp.ontap.na_ontap_vserver_audit:
    state: present
    vserver: ansible
    enabled: True
    events:
      authorization_policy: False
      cap_staging: False
      cifs_logon_logoff: True
      file_operations: True
      file_share: False
      security_group: False
      user_account: False
    log_path: "/"
    log:
      format: xml
      retention:
        count: 6
      rotation:
        schedule:
          hours: [6,12,18]
          minutes: [15,30,45]
          months: [1,3]
          weekdays: [1,3,5]
    guarantee: False
    hostname: "{{ netapp_hostname }}"
    username: "{{ netapp_username }}"
    password: "{{ netapp_password }}"

# The audit logs are rotated monthly, all days of the week, at 12:30
- name: Modify vserver audit configuration
  netapp.ontap.na_ontap_vserver_audit:
    state: present
    vserver: ansible
    enabled: True
    events:
      authorization_policy: False
      cap_staging: False
      cifs_logon_logoff: True
      file_operations: True
      file_share: False
      security_group: False
      user_account: False
    log_path: "/"
    log:
      format: xml
      rotation:
        schedule:
          hours: [12]
          minutes: [30]
          months: [-1]
          weekdays: [-1]
    guarantee: False
    hostname: "{{ netapp_hostname }}"
    username: "{{ netapp_username }}"
    password: "{{ netapp_password }}"
```
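The constraints stated in the parameter table and Notes (at least one event enabled, count and duration mutually exclusive, guarantee requiring ONTAP 9.10.1, enabled not modified together with other fields) can be checked before a play touches the SVM's audit trail. The following is an added example, not code from the netapp.ontap collection: check_audit_args, its current and ontap_version arguments and the sample values are hypothetical, and treating -1 as not combinable with other schedule values is an assumption.

```python
EVENTS = {"authorization_policy", "cap_staging", "cifs_logon_logoff",
          "file_operations", "file_share", "security_group", "user_account"}
WILDCARD_OK = {"days", "hours", "months", "weekdays"}  # -1 is documented for these
OTHER_FIELDS = ("events", "log", "log_path", "guarantee")

def parse_version(text):
    """'9.10' or '9.10.1' -> (9, 10, 0) or (9, 10, 1)."""
    parts = [int(p) for p in text.split(".")]
    return tuple(parts + [0] * (3 - len(parts)))

def check_audit_args(args, current=None, ontap_version=None):
    """Return a list of problems; `current` is the existing config on modify."""
    problems = []
    if args.get("state") == "absent":
        return problems
    events = args.get("events") or {}
    for key in sorted(set(events) - EVENTS):
        problems.append(f"events.{key}: unknown event")
    if events and not any(events.values()):
        problems.append("events: at least one event should be enabled")
    log = args.get("log") or {}
    if "format" in log and log["format"] not in ("xml", "evtx"):
        problems.append("log.format: must be xml or evtx")
    retention = log.get("retention") or {}
    if "count" in retention and "duration" in retention:
        problems.append("log.retention: count and duration are mutually exclusive")
    schedule = (log.get("rotation") or {}).get("schedule") or {}
    for key, values in schedule.items():
        # Assumption: -1 means "all", so it cannot be mixed with other values.
        if -1 in values and (key not in WILDCARD_OK or len(values) > 1):
            problems.append(f"log.rotation.schedule.{key}: -1 is not valid here")
    if args.get("guarantee") is not None and ontap_version is not None:
        if parse_version(ontap_version) < (9, 10, 1):
            problems.append("guarantee: requires ONTAP 9.10.1 or later")
    # Reading of the Notes: `enabled` may not change together with another field.
    if current is not None and args.get("enabled") not in (None, current.get("enabled")):
        changed = [f for f in OTHER_FIELDS if f in args and args[f] != current.get(f)]
        if changed:
            problems.append("enabled: cannot be modified together with " + ", ".join(changed))
    return problems

# Constructed sample task arguments, not taken from a real playbook.
SAMPLE = {"state": "present", "vserver": "svm1", "guarantee": True,
          "events": {"file_operations": False, "cifs_logon_logoff": False},
          "log": {"retention": {"count": 4, "duration": "P30D"},
                  "rotation": {"schedule": {"minutes": [-1], "months": [-1, 3]}}}}

if __name__ == "__main__":
    print("\n".join(check_audit_args(SAMPLE, ontap_version="9.10")))
```

Run against task arguments loaded from a playbook, an empty list means none of these documented constraints is violated; it does not replace the module's own validation.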
© 2012–2018 Michael DeHaan
© 2018–2024 Red Hat, Inc.
Licensed under the GNU General Public License version 3.
https://docs.ansible.com/ansible/latest/collections/netapp/ontap/na_ontap_vserver_audit_module.html