Define Activation Conditions for Linux

Create a condition to specify specific match criteria for Linux policy rules.
To apply policy to Linux servers, you can create a condition to match any of the following characteristics:
  • File or folder path
  • Linux distribution type
  • Linux distribution version or versions
After creating a condition, you can use it to exclude or apply a rule to a Linux endpoint.
Use the following workflow to create a new condition for Linux.
  1. Select
    Settings
    Conditions
    Linux
    . The Conditions page displays the
    Name
    ,
    Description
    , and
    Path
    (if applicable) for each condition.
  2. Click the action menu and then
    Add
    a new condition.
  3. Enter a
    Name
    and
    Description
    to identify the condition.
  4. Select the type of condition:
    either
    Path
    to match on the path of a specific executable file or:
    • Path
      —Match a specific file or folder that exists on the Linux server (for example
      /sys/kernel/security/apparmor
      or
      /etc/redhat-release
      ).
    • Distribution
      —Match one or more Linux distributions. Select the
      Distribution name
      and an optional distribution
      Version
      . The version format must match the format sent by the Traps agent. To identify the expected format for a specific endpoint, view the version on the
      Monitor
      Agent
      Health
      page. If you do not specify version, the condition will apply to all versions. You can select a
      Version Comparison
      operator to evaluate the version:
      • Equal
        —Match an exact version.
      • Greater
        —Match any version that is equal to or greater than the specified version.
      • Lesser
        —Match any version that is equal to or lesser than the specified version.
      • Between
        —Match any version inclusive of and between two values.
      • Regex
        —Match a version using regular expressions.
  5. Save
    the condition.
    You can use the condition as a match criteria to either include or exclude endpoints from receiving a rule. See Include or Exclude Endpoints Using Conditions.

Recommended For You