Add_workflow_for_techpubs | ||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|
|
Excerpt Include | ||||||
---|---|---|---|---|---|---|
|
Use the System Admin command "intrusionDetection
" to enable/disable the intrusion detection system (AIDE) tool, plus add/delete tokens (case-sensitive) in the exceptions list (used to specify which tokens to not report in the sonusSystemSecurityReportNotification trap.
Code Block | ||
---|---|---|
| ||
% set system admin <system name> intrusionDetection exceptionList <token | list> intrusionDetectionState <disabled | enabled> % delete system admin <system name> intrusionDetection <token | [leave empty to delete list]> |
Parameter | Length/Range | Description | M/O |
---|---|---|---|
| N/A | Use this object to enable the Advanced Intrusion Detection Environment (AIDE) tool on the SBC and specify the exception list sent to the sonusSystemSecurityReportNotification trap. AIDE is a file and directory integrity checker that helps in keeping track of file properties, such as inode, permissions, modification time, file contents, etc. | O |
| N/A | Use this flag to enable/disable AIDE on the SBC.
| O |
| 0-1024 characters Pattern: (((.)){0,1024}) | Use this parameter to specify one or more tokens to exclude from the sonusSystemSecurityReportNotification trap report. Options (entries are case-sensitive):
| O |
To create a new exception list:
Info |
---|
This deletes the existing exception list. |
Code Block | ||
---|---|---|
| ||
% set system admin <SYSTEM NAME> intrusionDetection exceptionList [ token1 token2 ] |
To append token3 to the exception list:
Code Block | ||
---|---|---|
| ||
% set system admin <SYSTEM NAME> intrusionDetection exceptionList token3 |
To delete one token (token1) from the exception list:
Code Block | ||
---|---|---|
| ||
% delete system admin <SYSTEM NAME> intrusionDetection exceptionList token1 |
To delete all tokens (the entire exception list):
Code Block | ||
---|---|---|
| ||
% delete system admin <SYSTEM NAME> intrusionDetection exceptionList [leave empty] |