Powertech Anti-Virus for AIX/Linux Template

Powertech Anti-Virus for AIX/Linux Template

Requirements

Syslog Events must be forwarded to the machine on which Event Manager is installed.

Powertech Anti-Virus for AIX/Linux Controls

Action	Subaction	Condition	Description
System Management	Virus Definition Not Updated	SGAV virus definitions are \d+ days old	Records whenever the virus definition file has not been updated
System Management	Update Virus Definition	SGAV\s(?:NOTICE DAT files updated to\|NOTICE DAT levels the same\|ERROR DAT update failed)	Records whenever the virus definition file update fails
System Activity	Quarantined File	SGAV WARN quarantined file	Records whenever a file has been quarantined
System Management	Shutdown	(SGAV FATAL\|SGAV NOTICE Stopping avsvc service)	Records whenever a fatal shutdown of Stand Guard Anti-Virus occurs
System Management	Startup	SGAV NOTICE Starting	Records whenever Stand Guard Anti-Virus is starting
System Activity	Virus Detected	SGAV WARN VIRUS.*INFECTED	Records whenever a virus infection is detected
System Activity	Virus Scan	SGAV NOTICE avscan completed	Records whenever a virus scan has been completed
System Management	Software Error	SGAV ERROR and not SGAV ERROR Dat update failed	Records whenever error

Copyright © Fortra, LLC and its group of companies.
All trademarks and registered trademarks are the property of their respective owners.
Version: 6.9 | April 2024