Rule Check: Configuration File Setting
The configuration file setting check searches for a string or numeric value in a file on the server, and compares it with valid values. This check is typically used to validate a name-value pair in a configuration file.
Configuration file path
The name of the file to search. Any valid, full system path to a file is acceptable. If the file is not present, the check either fails or is indeterminate, depending on whether the "Mark finding as Failed if the check was indeterminate" checkbox under Settings > Configuration Scanner is selected.
Configuration file section (optional)
Use this parameter to locate a predefined section of the file before the search for the desired term begins. The section is found first, and only then is the Configuration item searched for. Any simple string can be used. If this field is blank, it is ignored.
Configuration item
The string that precedes the value to be validated. This is the name portion of the name-value pair. Any simple string can be used. This field is optional; if it is empty, the first line of the file is checked.
Desired value
A value that is compliant with the policy. This is the value portion of the name-value pair. Any string or number value can be used. Some example values:
Using the NOT operator
Place the NOT: operator before the value to specify that it should not occur for this item. For example, if you wish to verify that the SSH process is listening on a non-standard port (that is, the check should fail if sshd is listening on port 22), specify NOT: 22 as the desired value for the Port configuration item.
About comment characters and the NOT operator
Halo handles comment characters in relation to the NOT operator like this:
Checking the value of a whole file
In certain cases, you can use the Desired value field to check the value of the contents of an entire file. The file content must be a single string with no line breaks or returns. In the rule check, you must leave the Configuration item field blank, and specify the file's expected string in the Desired value field.
For example, to verify that IP forwarding is off, you might inspect a particular file whose string value is either
Configuration file path:
Configuration file comment character (optional)
Character or string that is used to comment out a line. Commented lines are ignored in the search for the preceding values. Any string can be used. If this field is left blank, the Halo agent assumes that no lines are commented out.
Configuration item/value delimiter
Character that separates the configuration item from the value of that item. The default is a space.
Note that multiple spaces between the item name and value in the configuration file are collapsed to a single space for performing the check.
Remedial Suggestion (optional)
Recommendation on how to fix the problem. This can be any string.
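
The following added example (not Halo's own code) models the parameters documented above in Python, so that a planned check can be tried against sample file content before it is put into a policy. Assumptions: the name `check_setting`, exact string comparison, substring matching for the section, and an indeterminate result when the item is absent or appears only on a commented line; how Halo itself treats those cases is not modelled.

```python
import re

PASS, FAIL, INDETERMINATE = "pass", "fail", "indeterminate"

# Constructed sample content, not taken from a real host.
SSHD_SAMPLE = """\
#Port 22
Port   2222
PermitRootLogin no
Match User backup
PermitRootLogin yes
"""

def check_setting(text, item, desired, section=None, comment=None, delimiter=" "):
    """Evaluate one name-value check; text=None stands for a missing file."""
    if text is None:
        return INDETERMINATE  # the product setting decides Fail vs Indeterminate
    negate = desired.startswith("NOT:")
    want = desired[4:].strip() if negate else desired.strip()
    lines = text.splitlines()
    if section:  # locate the section first, then search below it
        start = next((i for i, l in enumerate(lines) if section in l), None)
        if start is None:
            return INDETERMINATE  # assumption: section not found
        lines = lines[start + 1:]
    if not item:  # blank item: the first line is the value
        found = lines[0].strip() if lines else ""
        return PASS if (found == want) != negate else FAIL
    for line in lines:
        line = line.strip()
        if not line or (comment and line.startswith(comment)):
            continue  # commented lines are ignored
        line = re.sub(r" {2,}", " ", line)  # multiple spaces collapse to one
        name, sep, value = line.partition(delimiter)
        if sep and name.strip() == item:
            return PASS if (value.strip() == want) != negate else FAIL
    # Assumption: an item that is never set is not treated as compliant,
    # because the service default may be the very value NOT: excludes.
    return INDETERMINATE

if __name__ == "__main__":
    print(check_setting(SSHD_SAMPLE, "Port", "NOT: 22", comment="#"))
    print(check_setting(SSHD_SAMPLE, "PermitRootLogin", "no",
                        section="Match User backup", comment="#"))
```

The second call shows why the section parameter matters: the same item passes at the top of the file and fails inside the `Match` block.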