Get-AzNetAppFilesRansomwareReport

Module:

Az.NetAppFiles Module

Gets details of an Azure NetApp Files (ANF) Advanced Ransomware Protection (ARP) report.

Syntax

ByFieldsParameterSet (Default)

Get-AzNetAppFilesRansomwareReport
    -ResourceGroupName <String>
    -AccountName <String>
    -PoolName <String>
    -VolumeName <String>
    [-Name <String>]
    [-DefaultProfile <IAzureContextContainer>]
    [<CommonParameters>]

ByParentObjectParameterSet

Get-AzNetAppFilesRansomwareReport
    -VolumeObject <PSNetAppFilesVolume>
    [-Name <String>]
    [-DefaultProfile <IAzureContextContainer>]
    [<CommonParameters>]

ByResourceIdParameterSet

Get-AzNetAppFilesRansomwareReport
    -ResourceId <String>
    [-DefaultProfile <IAzureContextContainer>]
    [<CommonParameters>]

Description

The Get-AzNetAppFilesRansomwareReport cmdlet returns details of Advanced Ransomware Protection (ARP) reports for an ANF volume. ARP reports are created with a list of suspected files when it detects any combination of high data entropy, abnormal volume activity with data encryption, and unusual file extensions. If no Name is specified, all reports for the volume are returned.

Examples

Example 1: List all ARP reports for a volume

Get-AzNetAppFilesRansomwareReport -ResourceGroupName "MyRG" -AccountName "MyAnfAccount" -PoolName "MyAnfPool" -VolumeName "MyAnfVolume"

This command lists all Advanced Ransomware Protection (ARP) reports for the volume "MyAnfVolume".

Example 2: Get a specific ARP report by name

Get-AzNetAppFilesRansomwareReport -ResourceGroupName "MyRG" -AccountName "MyAnfAccount" -PoolName "MyAnfPool" -VolumeName "MyAnfVolume" -Name "current"

ResourceGroupName : MyRG
Id                : /subscriptions/subsId/resourceGroups/MyRG/providers/Microsoft.NetApp/netAppAccounts/MyAnfAccount/capacityPools/MyAnfPool/volumes/MyAnfVolume/ransomwareReports/current
Name              : MyAnfAccount/MyAnfPool/MyAnfVolume/current
Type              : Microsoft.NetApp/netAppAccounts/capacityPools/volumes/ransomwareReports
EventTime         : 2025-01-15T10:30:00Z
State             : Active
Severity          : High
ClearedCount      : 0
ReportedCount     : 5
ProvisioningState : Succeeded

This command gets the ARP report named "current" from the volume "MyAnfVolume".

Example 3: Get ARP reports using a volume object from the pipeline

Get-AzNetAppFilesVolume -ResourceGroupName "MyRG" -AccountName "MyAnfAccount" -PoolName "MyAnfPool" -VolumeName "MyAnfVolume" | Get-AzNetAppFilesRansomwareReport

This command lists all ARP reports for the volume "MyAnfVolume" using a pipeline input from Get-AzNetAppFilesVolume.

Parameters

-AccountName

The name of the ANF account

Parameter properties

Type:	String
Default value:	None
Supports wildcards:	False
DontShow:	False

Parameter sets

ByFieldsParameterSet

Position:	Named
Mandatory:	True
Value from pipeline:	False
Value from pipeline by property name:	False
Value from remaining arguments:	False

-DefaultProfile

The credentials, account, tenant, and subscription used for communication with Azure.

Parameter properties

Type:	IAzureContextContainer
Default value:	None
Supports wildcards:	False
DontShow:	False
Aliases:	AzContext, AzureRmContext, AzureCredential

Parameter sets

(All)

Position:	Named
Mandatory:	False
Value from pipeline:	False
Value from pipeline by property name:	False
Value from remaining arguments:	False

-Name

The name of the ANF ransomware report

Parameter properties

Type:	String
Default value:	None
Supports wildcards:	False
DontShow:	False
Aliases:	RansomwareReportName

Parameter sets

ByFieldsParameterSet

Position:	Named
Mandatory:	False
Value from pipeline:	False
Value from pipeline by property name:	False
Value from remaining arguments:	False

ByParentObjectParameterSet

Position:	Named
Mandatory:	False
Value from pipeline:	False
Value from pipeline by property name:	False
Value from remaining arguments:	False

-PoolName

The name of the ANF pool

Parameter properties

Type:	String
Default value:	None
Supports wildcards:	False
DontShow:	False

Parameter sets

ByFieldsParameterSet

Position:	Named
Mandatory:	True
Value from pipeline:	False
Value from pipeline by property name:	False
Value from remaining arguments:	False

-ResourceGroupName

The resource group of the ANF volume

Parameter properties

Type:	String
Default value:	None
Supports wildcards:	False
DontShow:	False

Parameter sets

ByFieldsParameterSet

Position:	Named
Mandatory:	True
Value from pipeline:	False
Value from pipeline by property name:	False
Value from remaining arguments:	False

-ResourceId

The resource id of the ANF ransomware report

Parameter properties

Type:	String
Default value:	None
Supports wildcards:	False
DontShow:	False

Parameter sets

ByResourceIdParameterSet

Position:	Named
Mandatory:	True
Value from pipeline:	False
Value from pipeline by property name:	True
Value from remaining arguments:	False

-VolumeName

The name of the ANF volume

Parameter properties

Type:	String
Default value:	None
Supports wildcards:	False
DontShow:	False

Parameter sets

ByFieldsParameterSet

Position:	Named
Mandatory:	True
Value from pipeline:	False
Value from pipeline by property name:	False
Value from remaining arguments:	False

-VolumeObject

The volume object containing the ransomware report to return

Parameter properties

Type:	PSNetAppFilesVolume
Default value:	None
Supports wildcards:	False
DontShow:	False

Parameter sets

ByParentObjectParameterSet

Position:	Named
Mandatory:	True
Value from pipeline:	True
Value from pipeline by property name:	False
Value from remaining arguments:	False

CommonParameters

This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutBuffer, -OutVariable, -PipelineVariable, -ProgressAction, -Verbose, -WarningAction, and -WarningVariable. For more information, see about_CommonParameters.

Inputs

String

PSNetAppFilesVolume

Outputs

PSNetAppFilesRansomwareReport