Hello Saqib Ahmed
I understand your interest in finding out whether there is a way to monitor who has accessed files on an Azure NetApp SMB share
Please be informed that Azure NetApp offers auditing features for SMB shares, enabling efficient monitoring of file access activities. It helps to record access to files and folders located on the SMB share. You can track user logon and logoff activities on the SMB server.
Configuration Steps
- Utilize the built-in ONTAP features or external FPolicy servers to establish auditing. Confirm that the auditing settings are implemented on the appropriate Storage Virtual Machines (SVMs).
- You have the option to determine which events to monitor, such as file access, logon and logoff activities, as well as events related to central access policy staging.
- Adjust the log retention settings to maintain logs for a designated period, for instance, 30 days. Additionally, you can establish parameters for log rotation according to size or a specific schedule to efficiently manage log files. Choose between ONTAP-specific XML or Microsoft Windows EVTX log formats for your audit logs.
Note- Regularly examine the audit logs to track access trends and detect any attempts of unauthorized access. Use the audit logs to ensure compliance with security policies and to investigate any potential security incidents.
References:
- https://learn.microsoft.com/en-us/azure/azure-netapp-files/monitor-azure-netapp-files
- https://learn.microsoft.com/en-us/azure/storage/files/storage-files-monitoring
Hope the above answer helps! Please let us know do you have any further queries.
Please do not forget to "Accept the answer” and “up-vote” wherever the information provided helps you, this can be beneficial to other community members.