Monitor System-Critical Files
Parameter | Description |
|---|---|
Core System Files to be Monitored | /bin/* /lib/* /sbin/* /stand/vmunix /unix /usr/bin/* /usr/lib/* /usr/sbin/* /usr/spool/cron/* /var/adm/cron/* /var/lib/* /var/spool/cron/* |
Files and Directories to be excluded from Detection | /usr/lib/cron/log /usr/lib/objrepos /usr/spool/cron/tmp /var/adm/cron/FIFO /var/adm/cron/log /var/lib/objrepos /var/log /var/spool/cron/tmp |
Description | Lets you monitor the core system files that the operating system maintains. If you check this option, you must specify at least one path in the subsequent list. Symantec recommends that you only use the Report File Differences option on a select number of files. If you enable the reporting of file differences for a large number of files, that is, more than 1000, it may affect system resources. Symantec recommends that you test scenarios if large numbers of files require this detection functionality or if wildcard paths are used with this feature. |
Parameter | Description |
|---|---|
Core System Configuration Files to be Monitored | /etc/*.conf /etc/*.config /etc/*_conf /etc/*_config /etc/sudoers |
Files and Directories to be excluded from Detection | /etc/*.log /etc/*.pid /etc/btmp /etc/btmps /etc/cron.d/FIFO /etc/security/*log /etc/sisips /etc/sisips/* /etc/sulogin /etc/symantec/* /etc/utmp /etc/utmppipe /etc/utmps /etc/utmpx /etc/wtmps /etc/wtmpx |
Description | Lets you monitor the core system configuration files that the operating system maintains. If you check this option, you must specify at least one path in the subsequent list. Symantec recommends that you only use the Report File Differences option on a select number of files. If you enable the reporting of file differences for a large number of files, that is, more than 1000, it may affect system resources. Symantec recommends that you test scenarios if large numbers of files require this detection functionality or if wildcard paths are used with this feature. |
Parameter | Description |
|---|---|
Setup files to be Monitored | /usr/sbin/pkg* /var/lib/rpm/* /var/sadm/install/admin/* /var/sadm/pkg/* |
Files and Directories to be excluded from Detection | *.log* |
Description | Lets you monitor the setup programs and packages that the operating system maintains. If you check this option, you must specify at least one path in the subsequent list. Symantec recommends that you only use the Report File Differences option on a select number of files. If you enable the reporting of file differences for a large number of files, that is, more than 1000, it may affect system resources. Symantec recommends that you test scenarios if large numbers of files require this detection functionality or if wildcard paths are used with this feature. |
Parameter | Description |
|---|---|
Common Program Files to be Monitored | /etc/cron.d/logchecker /etc/fs/*/mount /lib/svc/nfs/lockd /lib/svc/nfs/statd /opt/sbin/in.named /opt/sbin/lwresd /opt/sbin/name /sbin/auditd /sbin/klogd /sbin/syslogd /usr/lib/cups/daemon/cups-lpd /usr/lib/fs/*/moun /usr/lib/sendmail /usr/lib/ssh/sshd /usr/lib/zones/zoneadmd /usr/local/sbin/in.named /usr/local/sbin/in.tnamed /usr/local/sbin/lwresd /usr/local/sbin/named /usr/local/sbin/sshd /usr/sbin/atd /usr/sbin/automount /usr/sbin/cron /usr/sbin/crond /usr/sbin/cupsd /usr/sbin/in.named /usr/sbin/in.tnamed /usr/sbin/inetd /usr/sbin/lwresd /usr/sbin/named /usr/sbin/nmbd /usr/sbin/rpc.mountd /usr/sbin/smbd /usr/sbin/sshd /usr/sbin/syslogd /usr/sbin/xinetd |
Files and Directories to be excluded from Detection | blank value The user specifies this value. |
Description | Lets you monitor the common daemon files that the operating system maintains. If you check this option, you must specify at least one path in the subsequent list. Symantec recommends that you only use the Report File Differences option on a select number of files. If you enable the reporting of file differences for a large number of files, that is, more than 1000, it may affect system resources. Symantec recommends that you test scenarios if large numbers of files require this detection functionality or if wildcard paths are used with this feature. |
Parameter | Description |
|---|---|
Script files to be Monitored | blank value The user specifies this value. |
Files and Directories to be excluded from Detection | blank value The user specifies this value. |
Description | Lets you monitor the user-defined script files and cron files that are used on the device. If you check this option, you must specify at least one path in the subsequent list. Symantec recommends that you only use the Report File Differences option on a select number of files. If you enable the reporting of file differences for a large number of files, that is, more than 1000, it may affect system resources. Symantec recommends that you test scenarios if large numbers of files require this detection functionality or if wildcard paths are used with this feature. |
Parameter | Description |
|---|---|
Other Files to be Monitored | blank value The user specifies this value. |
Files and Directories to be excluded from Detection | blank value The user specifies this value. |
Description | Lets you monitor the critical user-defined files that are specific to Linux operating systems. If you check this option, you must specify at least one path in the subsequent list. Symantec recommends that you only use the Report File Differences option on a select number of files. If you enable the reporting of file differences for a large number of files, that is, more than 1000, it may affect system resources. Symantec recommends that you test scenarios if large numbers of files require this detection functionality or if wildcard paths are used with this feature. |