netapp.ontap.na_ontap_vserver_audit module – NetApp Ontap - create, delete or modify vserver audit configuration.
Note
This module is part of the netapp.ontap collection (version 22.11.0).
You might already have this collection installed if you are using the ansible package.
It is not included in ansible-core.
To check whether it is installed, run ansible-galaxy collection list.
To install it, use: ansible-galaxy collection install netapp.ontap.
You need further requirements to be able to use this module,
see Requirements for details.
To use it in a playbook, specify: netapp.ontap.na_ontap_vserver_audit.
New in netapp.ontap 22.3.0
Synopsis
Create, delete or modify vserver audit configuration.
Requirements
The below requirements are needed on the host that executes this module.
Ansible 2.9 or later - 2.12 or later is recommended.
Python3 - 3.9 or later is recommended.
When using ZAPI, netapp-lib 2018.11.13 or later (install using ‘pip install netapp-lib’), netapp-lib 2020.3.12 is strongly recommended as it provides better error reporting for connection issues
a physical or virtual clustered Data ONTAP system, the modules support Data ONTAP 9.1 and onward, REST support requires ONTAP 9.6 or later
Parameters
Parameter |
Comments |
|---|---|
path to SSL client cert file (.pem). not supported with python 2.6. |
|
Specifies whether or not auditing is enabled on the SVM. Choices:
|
|
Specifies events for which auditing is enabled on the SVM. |
|
Authorization policy change events. Choices:
|
|
Central access policy staging events. Choices:
|
|
CIFS logon and logoff events. Choices:
|
|
File operation events. Choices:
|
|
File share category events. Choices:
|
|
Local security group management events. Choices:
|
|
Local user account management events. Choices:
|
|
Enable or disable a new feature. This can be used to enable an experimental feature or disable a new feature that breaks backward compatibility. Supported keys and values are subject to change without notice. Unknown keys are ignored. |
|
Override the cluster ONTAP version when using REST. The behavior is undefined if the version does not match the target cluster. This is provided as a work-around when the cluster version cannot be read because of permission issues. See https://github.com/ansible-collections/netapp.ontap/wiki/Known-issues. This should be in the form 9.10 or 9.10.1 with each element being an integer number. When Ignored with ZAPI. |
|
Indicates whether there is a strict Guarantee of Auditing. This option requires ONTAP 9.10.1 or later. Choices:
|
|
The hostname or IP address of the ONTAP instance. |
|
Override the default port (80 or 443) with this port |
|
Enable and disable https. Ignored when using REST as only https is supported. Ignored when using SSL certificate authentication as it requires SSL. Choices:
|
|
path to SSL client key file. |
|
Specifies events for which auditing is enabled on the SVM. |
|
This option describes the format in which the logs are generated by consolidation process. Possible values are, xml - Data ONTAP-specific XML log format evtx - Microsoft Windows EVTX log format Choices:
|
|
This option describes the count and time to retain the audit log file. |
|
Determines how many audit log files to retain before rotating the oldest log file out. This is mutually exclusive with duration. |
|
Specifies an ISO-8601 format date and time to retain the audit log file. The audit log files are deleted once they reach the specified date/time. This is mutually exclusive with count. |
|
Audit event log files are rotated when they reach a configured threshold log size or are on a configured schedule. When an event log file is rotated, the scheduled consolidation task first renames the active converted file to a time-stamped archive file, and then creates a new active converted event log file. |
|
Rotates the audit logs based on a schedule by using the time-based rotation parameters in any combination. The rotation schedule is calculated by using all the time-related values. |
|
Specifies the day of the month schedule to rotate audit log. Specify -1 to rotate the audit logs all days of a month. |
|
Specifies the hourly schedule to rotate audit log. Specify -1 to rotate the audit logs every hour. |
|
Specifies the minutes schedule to rotate the audit log. |
|
Specifies the months schedule to rotate audit log. Specify -1 to rotate the audit logs every month. |
|
Specifies the weekdays schedule to rotate audit log. Specify -1 to rotate the audit logs every day. |
|
Rotates logs based on log size in bytes. Default value is 104857600. |
|
The audit log destination path where consolidated audit logs are stored. |
|
The ontap api version to use |
|
Password for the specified user. |
|
Whether the specified vserver audit configuration should exist or not. Choices:
|
|
Whether to use REST or ZAPI. always – will always use the REST API if the module supports REST. A warning is issued if the module does not support REST. An error is issued if a module option is not supported in REST. never – will always use ZAPI if the module supports ZAPI. An error may be issued if a REST option is not supported in ZAPI. auto – will try to use the REST API if the module supports REST and modules options are supported. Reverts to ZAPI otherwise. Default: |
|
This can be a Cluster-scoped or SVM-scoped account, depending on whether a Cluster-level or SVM-level API is required. For more information, please read the documentation https://mysupport.netapp.com/NOW/download/software/nmsdk/9.4/. Two authentication methods are supported
To use a certificate, the certificate must have been installed in the ONTAP cluster, and cert authentication must have been enabled. |
|
If set to This should only set to Choices:
|
|
Specifies name of the Vserver. |
Notes
Note
This module supports REST only.
At least one event should be enabled.
No other fields can be specified when enabled is specified for modify.
The modules prefixed with na_ontap are built to support the ONTAP storage platform.
https is enabled by default and recommended. To enable http on the cluster you must run the following commands ‘set -privilege advanced;’ ‘system services web modify -http-enabled true;’
Examples
- name: Create vserver audit configuration
netapp.ontap.na_ontap_vserver_audit:
state: present
vserver: ansible
enabled: True
events:
authorization_policy: False
cap_staging: False
cifs_logon_logoff: True
file_operations: True
file_share: False
security_group: False
user_account: False
log_path: "/"
log:
format: xml
retention:
count: 4
rotation:
size: "1048576"
guarantee: False
hostname: "{{ netapp_hostname }}"
username: "{{ netapp_username }}"
password: "{{ netapp_password }}"
- name: Modify vserver audit configuration
netapp.ontap.na_ontap_vserver_audit:
state: present
vserver: ansible
enabled: True
events:
authorization_policy: True
cap_staging: True
cifs_logon_logoff: True
file_operations: True
file_share: True
security_group: True
user_account: True
log_path: "/tmp"
log:
format: evtx
retention:
count: 5
rotation:
size: "104857600"
guarantee: True
hostname: "{{ netapp_hostname }}"
username: "{{ netapp_username }}"
password: "{{ netapp_password }}"
- name: Delete vserver audit configuration
netapp.ontap.na_ontap_vserver_audit:
state: absent
vserver: ansible
hostname: "{{ netapp_hostname }}"
username: "{{ netapp_username }}"
password: "{{ netapp_password }}"
# The audit logs are rotated in January and March on Monday, Wednesday, and Friday,
# at 6:15, 6:30, 6:45, 12:15, 12:30, 12:45, 18:15, 18:30, and 18:45
# The last 6 audit logs are retained
- name: Create vserver audit configuration
netapp.ontap.na_ontap_vserver_audit:
state: present
vserver: ansible
enabled: True
events:
authorization_policy: False
cap_staging: False
cifs_logon_logoff: True
file_operations: True
file_share: False
security_group: False
user_account: False
log_path: "/"
log:
format: xml
retention:
count: 6
rotation:
schedule:
hours: [6,12,18]
minutes: [15,30,45]
months: [1,3]
weekdays: [1,3,5]
guarantee: False
hostname: "{{ netapp_hostname }}"
username: "{{ netapp_username }}"
password: "{{ netapp_password }}"
# The audit logs are rotated monthly, all days of the week, at 12:30
- name: Modify vserver audit configuration
netapp.ontap.na_ontap_vserver_audit:
state: present
vserver: ansible
enabled: True
events:
authorization_policy: False
cap_staging: False
cifs_logon_logoff: True
file_operations: True
file_share: False
security_group: False
user_account: False
log_path: "/"
log:
format: xml
rotation:
schedule:
hours: [12]
minutes: [30]
months: [-1]
weekdays: [-1]
guarantee: False
hostname: "{{ netapp_hostname }}"
username: "{{ netapp_username }}"
password: "{{ netapp_password }}"