User guide

# The LCE server can be configured to listen on a user-specified
# port. The setting below should match the server setting,
# which is 31300 by default.
server-port 31300
}
Once the configuration file is updated and applied, check the client log to ensure the client is operating properly and to validate that the configuration directives were applied correctly.
Policy Parameters
The following is a list of all valid “keys” available for use with the Linux policies:
| Key Name | Description | Valid Values | Examples |
|---|---|---|---|
| `tail-file` | Tail a single text log file - each new line will be sent to the LCE server. | Any full path and file name. | `/var/log/messages`, `/var/log/secure`, `/root/my_log_file.txt` |
| `tail-dir` | Tail all text files in a directory, instead of a single file like "tail-file". Wildcards are permitted. | Any full path name with wildcards. | `/var/log/*.log`, `/var/log/*` |
| `monitor-file-changes` | Monitor a single file and send a log if it is added, deleted, or modified. MD5 checksums are sent in each log. | Any full path and file name. | `/etc/passwd`, `/root/.bashrc` |
| `monitor-directory-changes` | Monitor all files in a directory instead of a single file like "monitor-file-changes". | Any full path name with wildcards. | `/etc/*`, `/bin/*`, `/usr/bin/*` |
| `recursive-directory-changes` | Monitor all files in a directory and all files in subdirectories, like "monitor-directory-changes". | Any full path name. | `/usr/`, `/bin/` |
| `accounting-file` | Monitor a single accounting file (produced by a Unix process accounting daemon). | The full path and file name of the accounting file. | `/var/account/acct` |
| `audit-dir` | Monitor audit files in this directory (produced by a BSM auditing daemon). | The full path name to the audit file directory. | `/var/audit/` |
| `scan-frequency` | The number of seconds between rescanning directories being tailed (keys starting with "tail-"). | A positive non-zero integer. | `10`, `60` |
| `modification-check-frequency` | The number of minutes between rescanning directories being monitored (keys ending with "-changes"). | A positive non-zero integer. | `10`, `60` |
| `report-ownership-changes` | Whether or not to report changes in ownership for monitored files (keys ending with "-changes"). | 0 or 1 (0=off, 1=on) | `0`, `1` |
| `report-permission-changes` | Whether or not to report changes in permissions for monitored files (keys ending with "-changes"). | 0 or 1 (0=off, 1=on) | `0`, `1` |
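
The "Valid Values" column can be checked mechanically before a policy is applied, so that a mistyped key or value is caught before it silently disables monitoring. The linter below is an added example, not part of the original guide or the LCE client. It assumes directives are written one per line as `key value`, like the `server-port 31300` line in the configuration fragment on this page; the function names and the sample input are constructed for illustration.

```python
# Added example: rules transcribed from the table's "Valid Values" column.
WILDCARD_PATH = {"tail-dir", "monitor-directory-changes"}
FILE_PATH = {"tail-file", "monitor-file-changes", "accounting-file"}
DIR_PATH = {"recursive-directory-changes", "audit-dir"}
POSITIVE_INT = {"scan-frequency", "modification-check-frequency"}
FLAG = {"report-ownership-changes", "report-permission-changes"}


def check_directive(key, value):
    """Return the problems found in one key/value pair (empty list = valid)."""
    if key in POSITIVE_INT:
        ok = value.isdecimal() and int(value) > 0  # rejects signs, decimals, zero
        return [] if ok else [f"{key}: expected a positive non-zero integer"]
    if key in FLAG:
        return [] if value in ("0", "1") else [f"{key}: expected 0 or 1"]
    if key not in WILDCARD_PATH | FILE_PATH | DIR_PATH:
        return [f"{key}: not a key listed in the table"]
    problems = []
    if not value.startswith("/"):
        problems.append(f"{key}: {value!r} is not a full path")
    # Strict reading (assumption): wildcards only where the table mentions them.
    if key not in WILDCARD_PATH and "*" in value:
        problems.append(f"{key}: wildcards are not listed as valid here")
    if key in FILE_PATH and value.endswith("/"):
        problems.append(f"{key}: needs a file name, not a directory")
    return problems


def lint_policy(text):
    """Lint 'key value' lines (assumed syntax); return (line_no, problem) pairs."""
    findings = []
    for no, raw in enumerate(text.splitlines(), 1):
        key, _, value = raw.strip().partition(" ")
        if key and not key.startswith("#"):
            findings += [(no, p) for p in check_directive(key, value.strip())]
    return findings


# Constructed sample directives, not taken from a real policy.
SAMPLE = """\
tail-dir /var/log/*.log
monitor-file-changes etc/passwd
recursive-directory-changes /usr/*
scan-frequency 0
report-ownership-changes yes
"""

for line_no, problem in lint_policy(SAMPLE):
    print(f"line {line_no}: {problem}")
```

Only the first sample line passes; the other four are each reported with their line number.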