Before you start creating a monitoring plan to audit your NetApp file storage system, plan for the account that will be used for data collection – it should meet the requirements listed below. Then you will provide this account in the monitoring plan wizard.
NOTE: If you want to authenticate with AD user account, you must enable it to access SVM through ONTAPI. See Creating Role on NetApp Clustered Data ONTAP 8 or ONTAP 9 and Enabling AD User Access for more information.
On the target server:
- The account must be a member of the local Administrators group.
- The account requires Read permissions (resultant set) on the audited shared folders.
- The account requires:
- Read permissions (resultant set) on the audit logs folder and its contents
- Delete permissions (resultant set) on the contents of this folder
- To connect to NetApp Data ONTAP 7 or Data ONTAP 8 in 7-mode, an account must have the following capabilities:
- To connect to NetApp Clustered Data ONTAP 8 or ONTAP 9, an account must be assigned a custom role (e.g., fsa_role) on SVM that has the following capabilities with access query levels:
NOTE: You can also assign the built-in vsadmin role.