az netappfiles volume ransomware-report
Manage Advanced Ransomware(ARP) Reports.
Commands
| Name | Description | Type | Status |
|---|---|---|---|
| az netappfiles volume ransomware-report clear-suspect |
Clear ransomware suspects for the given Advanced Ransomware Protection (ARP) report. You should evaluate the report to determine whether the activity is acceptable (false positive) or whether an attack seems malicious.ARP creates snapshots named Anti_ransomware_backup when it detects a potential ransomware threat. You can use one of these ARP snapshots or another snapshot of your volume to restore data",. |
Core | GA |
| az netappfiles volume ransomware-report list |
List all ransomware reports for the volume. |
Core | GA |
| az netappfiles volume ransomware-report show |
Get details of the specified ransomware report (ARP) |
Core | GA |
az netappfiles volume ransomware-report clear-suspect
Clear ransomware suspects for the given Advanced Ransomware Protection (ARP) report. You should evaluate the report to determine whether the activity is acceptable (false positive) or whether an attack seems malicious.ARP creates snapshots named Anti_ransomware_backup when it detects a potential ransomware threat. You can use one of these ARP snapshots or another snapshot of your volume to restore data",.
az netappfiles volume ransomware-report clear-suspect --extensions
--resolution {FalsePositive, PotentialThreat}
[--account-name]
[--acquire-policy-token]
[--change-reference]
[--ids]
[--no-wait {0, 1, f, false, n, no, t, true, y, yes}]
[--pool-name]
[--ransomware-report-name]
[--resource-group]
[--subscription]
[--volume-name]Examples
RansomwareReports_ClearSuspects
az netappfiles volume ransomware-report clear-suspect --resource-group myRG --account-name account1 --pool-name pool1 --volume-name volume1 --ransomware-report-name ransomwareReport1 --resolution PotentialThreat --extensions "[.threat]"Required Parameters
List of file extensions resolved (PotentialThreat or FalsePositive) Support shorthand-syntax, json-file and yaml-file. Try "??" to show more.
| Property | Value |
|---|---|
| Parameter group: | Body Arguments |
ARP report suspect resolution.
| Property | Value |
|---|---|
| Parameter group: | Body Arguments |
| Accepted values: | FalsePositive, PotentialThreat |
Optional Parameters
The following parameters are optional, but depending on the context, one or more might become required for the command to execute successfully.
The name of the NetApp account.
| Property | Value |
|---|---|
| Parameter group: | Resource Id Arguments |
Acquiring an Azure Policy token automatically for this resource operation.
| Property | Value |
|---|---|
| Parameter group: | Global Policy Arguments |
The related change reference ID for this resource operation.
| Property | Value |
|---|---|
| Parameter group: | Global Policy Arguments |
One or more resource IDs (space-delimited). It should be a complete resource ID containing all information of 'Resource Id' arguments. You should provide either --ids or other 'Resource Id' arguments.
| Property | Value |
|---|---|
| Parameter group: | Resource Id Arguments |
Do not wait for the long-running operation to finish.
| Property | Value |
|---|---|
| Accepted values: | 0, 1, f, false, n, no, t, true, y, yes |
The name of the capacity pool.
| Property | Value |
|---|---|
| Parameter group: | Resource Id Arguments |
The name of the ransomware report.
| Property | Value |
|---|---|
| Parameter group: | Resource Id Arguments |
Name of resource group. You can configure the default group using az configure --defaults group=<name>.
| Property | Value |
|---|---|
| Parameter group: | Resource Id Arguments |
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
| Property | Value |
|---|---|
| Parameter group: | Resource Id Arguments |
The name of the volume.
| Property | Value |
|---|---|
| Parameter group: | Resource Id Arguments |
Global Parameters
Increase logging verbosity to show all debug logs.
| Property | Value |
|---|---|
| Default value: | False |
Show this help message and exit.
Only show errors, suppressing warnings.
| Property | Value |
|---|---|
| Default value: | False |
Output format.
| Property | Value |
|---|---|
| Default value: | json |
| Accepted values: | json, jsonc, none, table, tsv, yaml, yamlc |
JMESPath query string. See http://jmespath.org/ for more information and examples.
Increase logging verbosity. Use --debug for full debug logs.
| Property | Value |
|---|---|
| Default value: | False |
az netappfiles volume ransomware-report list
List all ransomware reports for the volume.
Returns a list of the Advanced Ransomware Protection (ARP) reports for the volume. ARP reports are created with a list of suspected files when it detects any combination of high data entropy, abnormal volume activity with data encryption, and unusual file extensions. ARP creates snapshots named Anti_ransomware_backup when it detects a potential ransomware threat. You can use one of these ARP snapshots or another snapshot of your volume to restore data".
az netappfiles volume ransomware-report list --account-name
--pool-name
--resource-group
--volume-name
[--max-items]
[--next-token]Examples
RansomwareReports_List
az netappfiles volume ransomware-report list --resource-group myRG --account-name account1 --pool-name pool1 --volume-name volume1Required Parameters
The name of the NetApp account.
The name of the capacity pool.
Name of resource group. You can configure the default group using az configure --defaults group=<name>.
The name of the volume.
Optional Parameters
The following parameters are optional, but depending on the context, one or more might become required for the command to execute successfully.
Total number of items to return in the command's output. If the total number of items available is more than the value specified, a token is provided in the command's output. To resume pagination, provide the token value in --next-token argument of a subsequent command.
| Property | Value |
|---|---|
| Parameter group: | Pagination Arguments |
Token to specify where to start paginating. This is the token value from a previously truncated response.
| Property | Value |
|---|---|
| Parameter group: | Pagination Arguments |
Global Parameters
Increase logging verbosity to show all debug logs.
| Property | Value |
|---|---|
| Default value: | False |
Show this help message and exit.
Only show errors, suppressing warnings.
| Property | Value |
|---|---|
| Default value: | False |
Output format.
| Property | Value |
|---|---|
| Default value: | json |
| Accepted values: | json, jsonc, none, table, tsv, yaml, yamlc |
JMESPath query string. See http://jmespath.org/ for more information and examples.
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
Increase logging verbosity. Use --debug for full debug logs.
| Property | Value |
|---|---|
| Default value: | False |
az netappfiles volume ransomware-report show
Get details of the specified ransomware report (ARP) current gets the latest active report if there is an active event.
Get details of the specified ransomware report (ARP)ARP reports are created with a list of suspected files when it detects any combination of high data entropy, abnormal volume activity with data encryption, and unusual file extensions.ARP creates snapshots named Anti_ransomware_backup when it detects a potential ransomware threat. You can use one of these ARP snapshots or another snapshot of your volume to restore data.
az netappfiles volume ransomware-report show [--account-name]
[--ids]
[--name --ransomware-report-name]
[--pool-name]
[--resource-group]
[--subscription]
[--volume-name]Examples
RansomwareReports_Get
az netappfiles volume ransomware-report show --resource-group myRG --account-name account1 --pool-name pool1 --volume-name volume1 --ransomware-report-name ransomwareReport1RansomwareReports_Get current report
az netappfiles volume ransomware-report show --resource-group myRG --account-name account1 --pool-name pool1 --volume-name volume1 --ransomware-report-name currentOptional Parameters
The following parameters are optional, but depending on the context, one or more might become required for the command to execute successfully.
The name of the NetApp account.
| Property | Value |
|---|---|
| Parameter group: | Resource Id Arguments |
One or more resource IDs (space-delimited). It should be a complete resource ID containing all information of 'Resource Id' arguments. You should provide either --ids or other 'Resource Id' arguments.
| Property | Value |
|---|---|
| Parameter group: | Resource Id Arguments |
The name of the ransomware report.
| Property | Value |
|---|---|
| Parameter group: | Resource Id Arguments |
The name of the capacity pool.
| Property | Value |
|---|---|
| Parameter group: | Resource Id Arguments |
Name of resource group. You can configure the default group using az configure --defaults group=<name>.
| Property | Value |
|---|---|
| Parameter group: | Resource Id Arguments |
Name or ID of subscription. You can configure the default subscription using az account set -s NAME_OR_ID.
| Property | Value |
|---|---|
| Parameter group: | Resource Id Arguments |
The name of the volume.
| Property | Value |
|---|---|
| Parameter group: | Resource Id Arguments |
Global Parameters
Increase logging verbosity to show all debug logs.
| Property | Value |
|---|---|
| Default value: | False |
Show this help message and exit.
Only show errors, suppressing warnings.
| Property | Value |
|---|---|
| Default value: | False |
Output format.
| Property | Value |
|---|---|
| Default value: | json |
| Accepted values: | json, jsonc, none, table, tsv, yaml, yamlc |
JMESPath query string. See http://jmespath.org/ for more information and examples.
Increase logging verbosity. Use --debug for full debug logs.
| Property | Value |
|---|---|
| Default value: | False |
