Linux File & Folder Monitor

The Linux File and Folder monitor allows the browsing of both local and remote Linux devices for a specific folder and check for any changes.

Adding Linux File & Folder rule criteria

  1. From the Linux system in the Systems panel of Central Configuration Manager, select Linux File & Folder Monitor and click Add Rule.
  2. From the Add Rule Detail dialog, click Criteria. Click Add Criteria to open the File & Folder Criteria dialog.

There are four pages to complete when adding Linux File & Folder rule criteria.

Location section

The field in this section is used to determine the path to the required File or Folder.

Search Path
Either type the path to the required folder or file directly into this field or click Browse to open the Select Folder dialog. This allows the selection of any folder from the Linux device and the subsequent drill-down into subsequent folders.

Search Parameters section

The fields in this section specify the alert criteria and trigger actions.

Alert If

Select whether an alert should be generated if the File/Folder does or does not exist. Check the Include Sub-Folders option to ensure that the Linux sub-folders are included in any search.

Trigger On

Trigger actions are used to determine at which point the alert is raised and can be set against events happening against individual files, folders or file or folder.

  • First Matching: The alert is triggered on the first matching instance of the File, Folder or File or Folder found.
  • Each Matching: Separate alerts are triggered for each matching instance found for each File, Folder or File or Folder found.
Scan Filters section

Scan filters allow you to include or exclude specific criteria on which to search.

Include/Exclude Filters

Include and Exclude Filters allow you to enter a list of files or folders to include or exclude from the scan. Wildcards (*) can be used as a full or part replacement for file/folder name characters. When inserting file/folder names, use carriage return to generate a new line on which the next file/folder name can be entered.

Permission Filters section

Permission Filters allow you to specify the access rights to the files/folders for which you are scanning. The permission filters are split into three types:

  • User: The owner of the file or folder
  • Group: The group to which the owner belongs
  • Other: Everyone else

Permission levels allow to you define, within each type, whether the file can be read, written or executed, by specifying:

  • Granted: Permission allowed
  • Not Granted: Permission denied
  • Both: Permission is not checked

Criteria Alert Details section

Fields in this section define alert settings that override the settings made on the Alert page at Rule level. This provides a criteria specific alert message to be generated.

Override Rule Default

Click Override Rule Default to specify that the entries on this page override the default Alert page settings at Rule level. From the drop-down menu, select the alert warning level.

Alert Text

Enter the actual text of the alert or use the available Substitution Variables to construct the message text of the alert.

TIP: When Substitution Variables are used, click to display a list of textual and numeric parameters that can be used to amend the actual Substitution Variable value.
Alert Example

Displays an example of how the Alert Text will read using the selected Substitution Variables and user-entered text.

File Size Threshold section

The File Size Threshold is used to specify criteria that trigger an alert if the file size equals, exceeds, falls below or does not equal the entered value.

Size

Click to enable the setting of a file size threshold. Then select the comparator, enter a value and select the unit of measurement. The file size can be specified in:

  • Bytes
  • Kilobytes
  • Megabytes
  • Gigabytes
  • Terabytes

Timestamp Thresholds section

This section contains fields to specify a time period or a specific time and date at which the file was modified.

Modified

Click to enable the setting of a time period or specific date and time at which the file was modified.

To specify a time period, click the top radio button and select a comparator, value and time period. The time period can be specified in: 

  • Seconds
  • Minutes
  • Hours
  • Days

To specify an actual date and time, click the bottom radio button and select a time preposition, date and time at which the file was modified. The time preposition can be specified as:

  • At
  • After
  • On Or After
  • Before
  • On or Before
  • Not At

User Filters section

This section is used to filter the results by user or group.

User Name

Enter a user name by which the threshold results are filtered.

Group Name

Enter a Group Name by which the threshold results are filtered.

NOTE: When entering User Filters of User Name and Group Name, you must enter the actual names and not their numerical representations.

Firewall Settings section

This section contains fields that enable and then specify the parameters required for the use of a firewall proxy.

Enable Firewall Proxy

Click to enable the use of a Firewall Proxy when connecting to a remote device.

Host /Address

Enter the Host name or IP Address of the Firewall Proxy to be used in this rule.

Port Number

Select the Port Number on which the connection to the Firewall Proxy is made. The default setting is 8080.

User Name

If the firewall proxy requires authentication, enter a valid user name.

Password

If a user name has been entered, enter the associated password in this field.

Testing

When you have entered the criteria that you require, click Test to assess the validity of the data, and if necessary make any changes prior to putting the rule ‘Live’.

Click OK to define the entered parameters as criteria for this rule.

Related Topics