Page History
Add_workflow_for_techpubs | ||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|
|
Overview
Excerpt Include | ||||||
---|---|---|---|---|---|---|
|
Use the System Admin command "intrusionDetection
" to enable/disable the intrusion detection system (AIDE) tool, plus add/delete tokens (case-sensitive) in the exceptions list (used to specify which tokens to not report in the sonusSystemSecurityReportNotification trap.
Command Syntax
Code Block | |
---|---|
enable/disable | % set system admin <system name> intrusionDetection exceptionList <token | list> intrusionDetectionState <disabled | enabled> % delete system admin <system name> intrusionDetection <token | [leave empty to delete list]> |
Command Parameters
Parameter | Length/Range | Description | M/O |
---|---|---|---|
| N/A | Use this object to enable the Advanced Intrusion Detection Environment (AIDE) tool on the SBC and specify the exception list sent to the sonusSystemSecurityReportNotification trap trap. AIDE is a file and directory integrity checker that helps in keeping track of file properties, such as inode, permissions, modification time, file contents, etc. | O |
| N/A | Use this flag to enable/disable AIDE on the SBC.
| O |
| 0-1024 characters Pattern: (((.)){0,1024}) | Use this parameter to specify one or more tokens to exclude from the sonusSystemSecurityReportNotification trap report. Options (entries are case-sensitive):
| O |
Configuration Examples
To create a new exception list:
Info This deletes the existing exception list.
Code Block title CREATE list % set system admin <SYSTEM NAME> intrusionDetection exceptionList [ token1 token2 ]
To append token3 to the exception list:
Code Block title APPEND token % set system admin <SYSTEM NAME> intrusionDetection exceptionList token3
To delete one token (token1) from the exception list:
Code Block title DELETE token % delete system admin <SYSTEM NAME> intrusionDetection exceptionList token1
To delete all tokens (the entire exception list):
Code Block title DELETE list % delete system admin <SYSTEM NAME> intrusionDetection exceptionList [leave empty]