The Symantec Data Insight FPolicy server registers with the ONTAP cluster and receives file access events from it, if FPolicy is enabled and configured on the corresponding Vservers in the cluster. Symantec recommends that you automatically enable auditing when adding the clustered filers.
When you enable FPolicy from the Data Insight console, Data Insight automatically does the following:
Creates an FPolicy with a unique name.
Creates an FPolicy engine by specifying the server IP address and the server port.
Creates a CIFS event object.
Once you enable FPolicy on the Vserver, it initiates a TCP connection to the Data Insight FPolicy server.
To configure FPolicy on the ONTAP cluster using manual steps
diontapclust::> vserver fpolicy policy external-engine create -vserver <Vserver name> -engine-name <choose an external engine name> -primary-servers <IP address of Data Insight FPolicy server> -port <port number on which Data Insight FPolicy server is listening> -extern-engine-type asynchronous -ssl-option no-auth
diontapclust::> vserver fpolicy policy event create -vserver <Vserver name> -event-name <choose an event name> -protocol cifs -file-operations create, create_dir, delete, delete_dir, read,close, rename, rename_dir -filters first-read, close-with-modification
diontapclust::> vserver fpolicy policy create -vserver <Vserver name> -policy-name <choose a policy name> -events <specify list of events> -engine <specify engine name> -is-mandatory false
diontapclust::> vserver fpolicy policy create -vserver <Vserver name> -policy-name <choose a policy name> -events <specify list of events> -engine <specify engine name> -is-mandatory false