Create a Notification Policy
To monitor operations with files and folders on Nutanix File Server, you should configure a notification policy for the related events.
Monitored Operations
The list of supported operations is provided in the table below. Your notification policy can include any of them.
| To audit... | Operation name to specify at policy creation |
|---|---|
| Successful create operations | FILE_CREATE, DIRECTORY_CREATE |
| Successful read operations | FILE_READ |
| Successful modify operations | FILE_WRITE, RENAME, SECURITY |
| Successful delete operations | FILE_DELETE, DIRECTORY_DELETE |
| Failed read/modify/delete attempts* | FILE_OPEN |
\* Failed attempts to move/rename a file are not audited.
Configuration Procedure
Creating a notification policy requires sending API requests. It is assumed that you have a good understanding of REST API concepts and enough experience working with JSON-formatted requests in an API client. To get acquainted with the Nutanix REST API Explorer client, refer to the Nutanix documentation.
To create a notification policy for Nutanix File Server via API:
- Open the File Server REST API Explorer client using the following URL:
  https://`<fileserver_ip>`:9440/api/nutanix/v3/api_explorer/index.html#/
  where `<fileserver_ip>` is the IP address of the Nutanix File Server to be audited.
  If you launch the REST API Explorer from the Prism menu, the REST API Explorer for the Prism client will be opened instead.
- In the username and password fields, enter the credentials of the user account you have created (see Create User Account to Access Nutanix REST API).
- Click Explore.
- In the File Server REST API Explorer client, locate the POST request for notification_policies: POST /notification_policies
- In the request body, enter the following JSON-formatted structure:
{
  "spec": {
    "name": "<NAME_OF_NOTIFICATION_POLICY>",
    "resources": {
      "all_mount_targets" : true,
      "protocol_type_list" : ["SMB"],
      "file_operation_list" : [<LIST_OF_FILE_OPERATIONS>],
      "partner_server_reference_list" : [{
        "kind" : "partner_server",
        "uuid" : "<UUID_OF_PARTNER_SERVER>"
      }]
    },
    "description": "<optional_string>"
  },
  "api_version": "3.0",
  "metadata": {
    "kind": "notification_policy"
  }
}
where:
- "all_mount_targets" : true instructs to notify on changes to all shares
- "protocol_type_list" : ["SMB"] instructs to track SMB shares (the only protocol currently supported)
- <NAME_OF_NOTIFICATION_POLICY>: enter the name of the notification policy you want to create
- <UUID_OF_PARTNER_SERVER>: enter the uuid of the partner server (see Configure Partner Server)
- <LIST_OF_FILE_OPERATIONS>: enter the list of operations to be audited.
- Send the request by clicking Try it out.
- Check the response: Response Code should be 200. In the response body, locate the uuid of the created notification policy.
- To check that the new policy was included in the list of existing policies, retrieve the list of policies by sending a POST request to the following endpoint: POST /notification_policies/list. The request body must be empty: enter empty brackets as the value for the get_entities_request parameter: { }
Auditing Specific Folders
If you want to audit only certain folders on Nutanix File Server (mount targets), do the following:
- Retrieve the list of existing mount targets using the mount_target POST /mount_targets/list request with an empty body, as described above.
- In the response, locate the uuids of the target folders you want to audit.
- In the notification policy creation request (described above), instead of "all_mount_targets" : true, enter the following JSON-formatted structure in the request body:

"mount_target_reference_list": [
  {
    "kind" : "mount_target",
    "uuid" : "<UUID_OF_MOUNT_TARGET1>"
  },
  {
    "kind" : "mount_target",
    "uuid" : "<UUID_OF_MOUNT_TARGET2>"
  }
]

where:
- <UUID_OF_MOUNT_TARGET>: enter the uuid of the target you want to audit.
Example
The JSON-formatted structure below is an example of the request body that can be used to create a notification policy named MOUNT_POINT_POLICY to audit a share (mount target) on Nutanix File Server with the uuid=378896fd-e829-4869-84a2-6c29268acfff. The following operations will be audited:
- FILE_READ
- FILE_CREATE
- FILE_DELETE
- DIRECTORY_CREATE
- DIRECTORY_DELETE
- FILE_WRITE
- RENAME
- SECURITY
- FILE_OPEN

The JSON structure is as follows:
{
  "spec": {
    "name": "MOUNT_POINT_POLICY",
    "resources": {
      "mount_target_reference_list": [
        {
          "kind" : "mount_target",
          "uuid" : "378896fd-e829-4869-84a2-6c29268acfff"
        }
      ],
      "protocol_type_list" : ["SMB"],
      "file_operation_list" : [
        "FILE_READ",
        "FILE_CREATE",
        "FILE_DELETE",
        "DIRECTORY_CREATE",
        "DIRECTORY_DELETE",
        "FILE_WRITE",
        "RENAME",
        "SECURITY",
        "FILE_OPEN"
      ],
      "partner_server_reference_list" : [
        {
          "kind" : "partner_server",
          "uuid" : "d0bfb952-924b-459e-bd32-44c8b5a62838"
        }
      ]
    },
    "description": "<optional_string>"
  },
  "api_version": "3.0",
  "metadata": {
    "kind": "notification_policy"
  }
}
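
The request bodies shown in the configuration procedure and in the folder-specific variant can be generated and checked by a script before they are pasted into the API Explorer. The Python sketch below is an added example, not part of the original documentation: it validates operation names against the table of monitored operations, rejects UUIDs with stray whitespace or malformed characters, and reports which audit categories a policy leaves uncovered. The names `SUPPORTED`, `build_policy` and `coverage_gaps` are hypothetical helpers introduced for illustration.

```python
import uuid

# Operation names grouped by audit category, taken from the table on this page.
SUPPORTED = {
    "create": {"FILE_CREATE", "DIRECTORY_CREATE"},
    "read": {"FILE_READ"},
    "modify": {"FILE_WRITE", "RENAME", "SECURITY"},
    "delete": {"FILE_DELETE", "DIRECTORY_DELETE"},
    "failed": {"FILE_OPEN"},
}
ALL_OPS = set().union(*SUPPORTED.values())


def _ref(kind, value):
    """Build a kind/uuid reference; reject stray whitespace or malformed UUIDs."""
    if value != value.strip():
        raise ValueError(f"{kind} uuid has surrounding whitespace: {value!r}")
    return {"kind": kind, "uuid": str(uuid.UUID(value))}  # ValueError if malformed


def build_policy(name, partner_uuid, operations, mount_target_uuids=None):
    """Build the POST /notification_policies body; None means all mount targets."""
    unknown = sorted(set(operations) - ALL_OPS)
    if unknown:
        raise ValueError(f"unsupported operation names: {unknown}")
    if not name or name != name.strip():
        raise ValueError("policy name is empty or has surrounding whitespace")
    resources = {
        "protocol_type_list": ["SMB"],  # the only protocol the page lists
        "file_operation_list": list(dict.fromkeys(operations)),  # drop duplicates
        "partner_server_reference_list": [_ref("partner_server", partner_uuid)],
    }
    if mount_target_uuids is None:
        resources["all_mount_targets"] = True
    elif mount_target_uuids:
        targets = [_ref("mount_target", u) for u in mount_target_uuids]
        resources["mount_target_reference_list"] = targets
    else:
        raise ValueError("mount target list is empty")
    return {"spec": {"name": name, "resources": resources},
            "api_version": "3.0", "metadata": {"kind": "notification_policy"}}


def coverage_gaps(policy):
    """Map each audit category to the supported operations the policy omits."""
    chosen = set(policy["spec"]["resources"]["file_operation_list"])
    return {cat: sorted(ops - chosen) for cat, ops in SUPPORTED.items() if ops - chosen}
```

Serialize the result with `json.dumps(build_policy(...), indent=2)` to obtain the text for the request body; an empty dictionary from `coverage_gaps` means every operation in the table is included.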