
NetApp

Self Service Ingestion

Connect this data source on your own, using the Hunters platform.

TL;DR

Supported data types

3rd party detection

Hunters detection

IOC search

Search

Table name

Log format

Collection method

NetApp ONTAP Logs

✅

✅

✅

netapp_ontap_logs

text

S3-LIST

NetApp E-Series Logs

netapp_e_series_logs

csv

S3-LIST


Overview

NetApp is a data infrastructure and storage technology company that provides solutions for managing, storing, protecting, and moving data across on-premises environments, hybrid cloud, and public cloud platforms. Its portfolio includes enterprise storage systems, data management software, cloud storage services, and solutions for backup, disaster recovery, ransomware protection, analytics, and workload optimization. NetApp helps organizations manage structured and unstructured data across different environments while supporting performance, scalability, security, and operational efficiency.

Supported data types

NETAPP ONTAP LOGS

Overview

Table name: netapp_ontap_logs

NetApp ONTAP is a proprietary operating system, and the core data management software, developed by NetApp. It's used across a range of NetApp hardware, from on-premises storage systems to cloud-based solutions like NetApp Cloud Volumes ONTAP. ONTAP provides a unified platform for managing and protecting data, supporting various storage protocols and features, and offering extensive data protection capabilities.
NetApp ONTAP logs capture detailed operational and security events across storage systems, providing critical insights into performance, access, configuration changes, and potential anomalies to support monitoring, auditing, and troubleshooting.

NetApp Solutions

NetApp ONTAP

Overview of ONTAP Logs

Send data to Hunters

To connect NetApp ONTAP Logs:

  1. Please follow these:

    📘Note

    When performing the last part of the process (Provide information to Hunters), follow these steps:

    1. Navigate to Data > Data Sources, and then click + Connect Data Sources.

    2. Search for NetApp and click Connect.

    3. From the side-menu, click + More Integrations and then select NETAPP VIA S3 LIST → NetApp ONTAP Logs


    📘Note

    When setting up the connection on the Hunters platform, insert the name of the bucket that holds the NetApp ONTAP logs into the Bucket name field on the Hunters portal.

Expected format

Logs are expected in TEXT format.

<14>May 26 11:40:20 SNCHxxxM01-N1: SNCH1xxM01-N1: 0000xx18.00xe327 00186a12 Mon May 26 2025 11:40:19 +02:00 [kxxn_audit:info:3467] 8503e80000xxacd1 :: SNCH1xxM01:http :: 1.1.1.1:3 :: xxCxxRxx01:xyz :: GET /api/private/cli/aggr/show-space?fields=aggrxxate_name%2Cbxn_num%2Cobxect_store_logxcal_use%2Cobxect_store_physical_used%2Ctier_name&return_records=true&tier_name=%21%22+%22%7C%22%22 :: Success:

<14>May 26 11:40:20 SNCH1Wxx01-N1: SNCHxxRM01-N1: 000xx018.000xx333 0018xx12 Mon May 26 2025 11:40:19 +02:00 [kxxn_audit:info:3467] 850xx80000xxacd9 :: SNCxxWRxx1:http :: 1.1.1.1:36 :: SNCH1Wxx01:xyz :: GET /api/private/cli/disk?fields=disk_io_kps_total%2Csxxtors_read%2Csxxtors_writxxn%2Ctype%2Cuid&ignore_unknown_fields=true&return_records=true :: Pending 

<14>May 26 11:40:20 SNCxxRM01-N2: SNCH1xx01-N2: 000xx018.000xx8da 001xxe2e Mon May 26 2025 11:40:18 +02:00 [kxxn_audit:info:3467] 850xxx002acca :: SNCxxRM01:http :: 1.1.1.2:34 :: SNCHxxM01:xyz :: GET /api/private/cli/snapmirror?expand=true&fields=break_failed_count%2Cbreak_successful_count%2Ccg_item_mappings%2Cdestination_path%2Cdestination_volume%2Cdestination_volume_node%2Cdestination_vserver%2Chealthy%2Clag_time%2Clast_transfer_duration%2Clast_transfer_end_timestamp%2Clast_transfer_size%2Clast_transfer_type%2Cnewest_snapshot_timestamp%2Cpolicy_type%2Crelationship_group_type%2Crelationship_id%2Crelationship_type%2Cresync_failed_count%2Cresync_successful_count%2Cschedule%2Csource_path%2Csource_volume%2Csource_vserver%2Cstatus%2Ctotal_transfer_bytes%2Ctotal_transfer_time_secs%2Cunhealthy_reason%2Cupdate_failed_count%2Cupdate_successful_count&ignore_unknown_fields=true&return_records=true :: Pending 
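A parser for the audit line layout shown in the samples above, which can be used to check that exported lines are well formed before they land in the bucket. This is an added example, not Hunters or NetApp code; the field names and the sample lines are assumptions constructed from the shape of the samples.

```python
import re
from datetime import datetime
from urllib.parse import urlsplit, parse_qs

# Field names are assumptions: the page shows the layout but does not name the fields.
# HEADER matches the syslog header and ONTAP prefix, i.e. everything before the first " :: ".
HEADER = re.compile(
    r"^<(?P<pri>\d{1,3})>\w{3} +\d{1,2} [\d:]{8} (?P<node>[^:\s]+): .*?"
    r"(?P<ts>\w{3} \w{3} +\d{1,2} \d{4} [\d:]{8} [+-]\d{2}:\d{2}) "
    r"\[(?P<tag>\w+):(?P<level>\w+):\d+\] (?P<session>\S+)$"
)

def parse_ontap_audit(line):
    """Return a dict for one audit line, or None if it does not match the layout."""
    parts = [p.strip() for p in line.strip().split(" :: ")]
    if len(parts) < 6:
        return None
    m = HEADER.match(parts[0])
    src_ip, _, src_port = parts[2].rpartition(":")
    if not m or not src_port.isdigit():
        return None
    try:
        when = datetime.strptime(m["ts"], "%a %b %d %Y %H:%M:%S %z")
    except ValueError:
        return None
    pri = int(m["pri"])  # syslog PRI = facility * 8 + severity
    method, _, target = " :: ".join(parts[4:-1]).partition(" ")
    url = urlsplit(target)
    return {
        "facility": pri >> 3, "severity": pri & 7,
        "node": m["node"], "session": m["session"], "time": when.isoformat(),
        "application": parts[1].rpartition(":")[2],
        "src_ip": src_ip, "src_port": int(src_port),
        "user": parts[3].rpartition(":")[2],
        "method": method, "path": url.path,
        "query": parse_qs(url.query),      # percent-decoding happens here
        "status": parts[-1].rstrip(":"),   # the samples end in "Success:" or "Pending"
    }

# Constructed sample input: one well-formed line and one line without audit fields.
SAMPLE = [
    "<14>May 26 11:40:20 node-01: node-01: 00000018.000e3270 00186a12 "
    "Mon May 26 2025 11:40:19 +02:00 [kern_audit:info:3467] 8503e80000aaacd1 :: "
    "cluster1:http :: 192.0.2.10:36012 :: cluster1:svc_monitor :: "
    "GET /api/private/cli/disk?fields=type%2Cuid&return_records=true :: Pending ",
    "<14>May 26 11:40:21 node-01: unrelated message without audit fields",
]

if __name__ == "__main__":
    for sample_line in SAMPLE:
        print(parse_ontap_audit(sample_line))
```

Lines for which the function returns None do not follow the layout above and are worth reviewing at the export stage.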

NETAPP E-SERIES LOGS

Overview

NetApp E-Series is a family of enterprise storage arrays developed by NetApp. It is designed for dedicated, high-bandwidth applications that need simple, fast, and reliable block storage, especially in SAN environments. E-Series is commonly used for workloads such as high-performance computing, AI, data analytics, enterprise databases, VMware, video surveillance, media workflows, and disk-based backup. Unlike NetApp ONTAP, which is a broader unified data management operating system, NetApp E-Series is focused on high-performance SAN storage and is powered by NetApp SANtricity OS, which provides storage management, performance tuning, configuration flexibility, and control over data placement.

Learn about NetApp Solutions

E-Series Systems Document

https://www.netapp.com/media/116236-tr-5001-intro-to-netapp-e4000-arrays-with-santricity.pdf

Table name: netapp_e_series_logs

Send data to Hunters

Hunters supports the ingestion of NetApp E-Series Logs via an intermediary AWS S3 bucket.

To connect NetApp E-Series logs via S3:

  1. Export your NetApp E-Series logs to an AWS S3 bucket.

  2. Once the export is completed and the logs are collected to S3, follow the steps in this section.

Expected format

Logs are expected in CSV format:

"Date/Time","Priority","Component Type","Component Location","Description","Sequence Number","Event Type","Event Specific Codes","Event Category","Logged By"
"Jan 13, 2024 9:00:44 AM","Informational","Controller Firmware","None","The workload balance was evaluated following load optimization","112233","1234","0/0/0","Internal","A"
"Jan 13, 2024 8:30:38 AM","Informational","Controller Firmware","None","Workload was automatically balanced by transferring volumes","112234","1235","0/0/0","Internal","A"