Tripwire help
Hi All,
I have created the rules in twpol.clps.txt(this is my tripwire policy file name.).Please find the rules which I have created in twpol.clps.txt stated below: ================================================================= # opt tech stack ( rulename = "Tech Stack ", severity = $(SIG_HI) ) { /opt/java -> $(SEC_BIN) ; /opt/jboss -> $(SEC_BIN) ; /opt/ant -> $(SEC_BIN) ; /opt/ibm-java-x86_64-sdk-6.0-9.2-> $(SEC_BIN) ; /opt/jboss-eap-4.3-CP09 -> $(SEC_BIN) ; !/opt/jboss-eap-4.3-CP09/esapps1/tmp ; !/opt/jboss-eap-4.3-CP09/esapps2/tmp ; !/opt/jboss-eap-4.3-CP09/gis/tmp ; !/opt/jboss-eap-4.3-CP09/esapps1/data ; !/opt/jboss-eap-4.3-CP09/esapps2/data ; !/opt/jboss-eap-4.3-CP09/gis/data ; !/opt/jboss-eap-4.3-CP09/esapps1/work ; !/opt/jboss-eap-4.3-CP09/esapps2/work ; !/opt/jboss-eap-4.3-CP09/gis/work ; /opt/apache-ant-1.7.0 -> $(SEC_BIN) ; } ##################### # ESCommon ( rulename = "ESCommon", severity = $(SIG_HI) ) { /usr/local/gtech/eseries/escommon/bin -> $(SEC_BIN) ; /usr/local/gtech/eseries/escommon/lib -> $(SEC_BIN) ; } # ESCommon ( rulename = "ESCommon Configuration", severity = $(SIG_HI) ) { /etc/gtech/escommon -> $(SEC_CONFIG) ; } ##################### # CLPS # pwd # Bins ( rulename = "CLPS bins", severity = $(SIG_HI) ) { /usr/local/gtech/espd/clps/ga-clpsreports/bin -> +p+n+s; $(SEC_BIN); /usr/local/gtech/espd/clps/ga-clpsreports/lib -> +p+n+s; $(SEC_BIN) ; /usr/local/gtech/pd/gis/gis-application/target/gis-application.ear -> +p+n+s; $(SEC_BIN) ; /opt/jboss/server/gis/deploy/ -> +p+m+n+s; $(SEC_BIN) ; /opt/jboss/server/gis/lib/ -> +p+m+n+s; $(SEC_BIN) ; } # Configuration ( rulename = "CLPS Configuration files", severity = $(SIG_HI) ) { /etc/gtech/mxadapter -> $(SEC_CONFIG) ; /etc/gtech/ccadapters -> $(SEC_CONFIG) ; /etc/gtech/ccinternetadapter > $(SEC_CONFIG) ; /etc/gtech/ga-clpsadmin -> $(SEC_CONFIG) ; /etc/gtech/ga-clpsreports ->$(SEC_CONFIG) ; /usr/local/gtech/pd/gis/install/build-common.xml -> $(SEC_CONFIG) ; /usr/local/gtech/pd/gis/install/build.xml -> $(SEC_CONFIG) ; /opt/jboss/server/gis/env-config ->$(SEC_CONFIG) ; /opt/jboss/server/gis/conf -> $(SEC_CONFIG) ; /usr/local/gtech/eseries/ccadapters/bin/install/jbosssetup.xml -> $(SEC_CONFIG) ; /usr/local/gtech/eseries/ccinternetadapter/bin/install/jbosssetup.xml -> $(SEC_CONFIG) ; } =========================================================== After performing the integrtity check report is not generated properly.I mean it is not scanning the files which I have mentioned in the twpol.clps.txt. Please find the report which is mentioned below: ======================================================== [root@xxsi1242 tripwire]# tripwire --check Parsing policy file: /etc/tripwire/tw.pol *** Processing Unix File System *** Performing integrity check... Wrote report file: /var/lib/tripwire/report/xxsi1242.gtk.gtech.com-20130925-031456.twr Open Source Tripwire(R) 2.4.1 Integrity Check Report Report generated by: root Report created on: Wed 25 Sep 2013 03:14:56 AM EDT Database last updated on: Never =============================================================================== Report Summary: =============================================================================== Host name: xxsi1242.gtk.gtech.com Host IP address: 156.24.65.171 Host ID: None Policy file used: /etc/tripwire/tw.pol Configuration file used: /etc/tripwire/tw.cfg Database file used: /var/lib/tripwire/xxsi1242.gtk.gtech.com.twd Command line used: tripwire --check =============================================================================== Rule Summary: =============================================================================== ------------------------------------------------------------------------------- Section: Unix File System ------------------------------------------------------------------------------- Rule Name Severity Level Added Removed Modified --------- -------------- ----- ------- -------- CLPS 100 0 0 0 CLPS Configuration files 100 0 0 0 Total objects scanned: 523 Total violations found: 0 =============================================================================== Object Summary: =============================================================================== ------------------------------------------------------------------------------- # Section: Unix File System ------------------------------------------------------------------------------- No violations. =============================================================================== Error Report: =============================================================================== No Errors ------------------------------------------------------------------------------- *** End of report *** |
Tripwire Help
Hi All,
After performing the integrtity check in Tripwire, report is not generated properly.I mean it is not scanning the files. Thx Peru |
Tripwire help
Could any body please help me out the Tripwire file intergrity issue.
Thx Rama |
All times are GMT -5. The time now is 12:30 AM. |