search

Symantec Critical System Bedienungsanleitung Seite 114

  • Herunterladen
  • Zu meinen Handbüchern hinzufügen
  • Drucken
  • Seite
    / 122
  • Inhaltsverzeichnis
  • FEHLERBEHEBUNG
    •
  • LESEZEICHEN
    • Bewertet. / 5. Basierend auf Kundenbewertungen
Seitenansicht 113
114 Migrating to the latest version
Migrating legacy detection policy files
3 In the right pane, on the General tab, in the Name box, type a name for your
detection policy.
You might want to use a name that reflects the ruleset.
4 Click File > Save.
5 In the Save As dialog, select the folder that you created for converted
policies, and then click Save As.
6 On the Outline tab, select Detection Rulesets in your new policy, click the
Add icon, and then click Browse.
7 Expand the folder that contains your converted policy, select the converted
ruleset that you want for your new policy, and then click Include.
8 Click File > Save All.
9 On the Library tab, expand the folder that you created, if it is not expanded,
and then select the name of your new policy.
The blue policy icon indicates an uncompiled policy.
10 Click Tools > Validate.
Validating your rules
In Symantec Host IDS and Symantec Intruder Alert, rules are not typed. In
Symantec Critical System Protection, rules are typed such as event log, registry,
etc. When you validated your new policy, you validated that the initial
conversion was successful. You must now validate your rules by using visual
inspection because the conversion routine used a best guess to determine the
type of each migrated rule. As a result, you need to check that each migrated
rule has the correct rule type and select criteria.
The following rule types and items are parsed for select criteria:
Event Log Windows event log .evt files
Text Log User-specified text logs
Registry User-specified registry keys
Filewatch User-specified files and subdirectories
Syslog Named pipe as specified in /etc/syslog.conf
WTMP WTMP file on UNIX-based operating systems (and BTMP file on some
operating systems)
Generic All parsed items in all rules in all policies installed on an Agent
Error Symantec Critical System Protection agent error messages
Seitenansicht 113
1 2 ... 109 110 111 112 113 114 115 116 117 118 119 120 121 122

Kommentare zu diesen Handbüchern

Keine Kommentare
  • Alliance Laundry Systems Vir2 BreatheAudio MyPressi Tricity
  • Polaroid LCD-Fernseher Siemens IP-Telefone Hobart Speisenwärmer Minolta Kopierer Sony Autonavigationssysteme
  • Apple PowerBook (2400c La Crosse Technology WS-8418U-IT Bbk LT1920S Waring PRO TCO650 Saeco HD8966/01
  • HP DreamColor Z27x G2 Studio Display Bedienungsanleitung Philips PD9030 Bedienungsanleitung Frigidaire Gallery LGID2478SF Bedienungsanleitung Samsung HMX-U20RP Bedienungsanleitung