anti-ransomware snapshots not getting deleted even if attack probability is none

Applies to

• ONTAP 9.10.1, 9.11.1, 9.12.1 without fix for Bug 1525719
• Anti-ransomware (ARW)
• Autonomous Ransomware Protection (ARP)
• Anti_ransomware_backup Snapshots

Issue

• ARP is enabled on multiple volumes.
• Snapshots named Anti_ransomware_backup have been created:

::> snapshot show -volume vol1
                                                                 ---Blocks---
Vserver  Volume   Snapshot                                   Size Total% Used%
-------- -------- -------------------------------------  -------- ------ -----
svm1     vol1
                  Anti_ransomware_backup.2023-02-13_1517  989.9MB     1%    2%
                  Daily@*@23:00.2023-03-06_2300               4MB     0%    0%
                  Daily@*@23:00.2023-03-07_2300             408KB     0%    0%
                  Anti_ransomware_backup.2023-03-08_0116   1.91MB     0%    0%
                  Hourly@7-19@:0.2023-03-08_1600            352KB     0%    0%
                  Daily@*@23:00.2023-03-08_2300             400KB     0%    0%
                  Anti_ransomware_backup.2023-03-09_0116    700KB     0%    0%
7 entries were displayed.

• Attack Probability is none:

::> security anti-ransomware volume show -vserver svm1 -vol vol1
      Vserver Name: svm1
       Volume Name: vol1
             State: enabled
Attack Probability: none
   Attack Timeline: -
Number of Attacks: -

• The expected retention period of the Anti_ransomware_backup Snapshots has passed without an attack alert raised.
  See: Understanding Anti-ransomware protection attacks and the anti-ransomware snapshot
• Anti_ransomware_backup Snapshots that match the above criteria are not automatically deleted again.