Define Activation Conditions for Linux

Create a condition to specify specific match criteria for Linux policy rules.
To apply policy to Linux servers, you can create a condition to match any of the following characteristics:
  • File or folder path
  • Linux distribution type
  • Linux distribution version or versions
After creating a condition, you can use it to exclude or apply a rule to a Linux endpoint.
Use the following workflow to create a new condition for Linux.
  1. Select SettingsConditionsLinux. The Conditions page displays the Name, Description, and Path (if applicable) for each condition.
  2. Click the action menu manage-hidden-menu-icon.png and then Add a new condition.
  3. Enter a Name and Description to identify the condition.
  4. Select the type of condition: either Path to match on the path of a specific executable file or:
    • Path—Match a specific file or folder that exists on the Linux server (for example /sys/kernel/security/apparmor or /etc/redhat-release).
    • Distribution—Match one or more Linux distributions. Select the Distribution name and an optional distribution Version. The version format must match the format sent by the Traps agent. To identify the expected format for a specific endpoint, view the version on the MonitorAgentHealth page. If you do not specify version, the condition will apply to all versions. You can select a Version Comparison operator to evaluate the version:
      • Equal—Match an exact version.
      • Greater—Match any version that is equal to or greater than the specified version.
      • Lesser—Match any version that is equal to or lesser than the specified version.
      • Between—Match any version inclusive of and between two values.
      • Regex—Match a version using regular expressions.
  5. Save the condition.
    You can use the condition as a match criteria to either include or exclude endpoints from receiving a rule. See Include or Exclude Endpoints Using Conditions.

Related Documentation