Global

JSON output {{managerConfiguration.global.jsonout_output}}

Log alert level {{managerConfiguration.alerts.log_alert_level}}

Cluster

Name {{managerConfiguration.cluster.name}}

Node type {{managerConfiguration.cluster.node_type}}

Syscheck

Frequency {{managerConfiguration.syscheck.frequency}}

Alert new files {{managerConfiguration.syscheck.alert_new_files}}

Rootcheck

Frequency {{managerConfiguration.rootcheck.frequency}}

Skip NFS {{managerConfiguration.rootcheck.skip_nfs}}

Logcollector

Logcollector settings

E-mail alerts

Email to {{managerConfiguration.email_alerts.email_to}}

Alert level {{managerConfiguration.email_alerts.alert_level}}

Auth

Purge {{managerConfiguration.auth.purge}}

Force insert {{managerConfiguration.auth.force_insert}}

Ruleset

Ruleset settings

Command

Command settings

Active response

Active response settings

Remote

Agents events listening settings

Global

JSON output {{managerConfiguration.global.jsonout_output}}

Log all {{managerConfiguration.global.logall}}

Log all in JSON {{managerConfiguration.global.logall_json}}

White list {{managerConfiguration.global.white_list.length <= 5 ? managerConfiguration.global.white_list : managerConfiguration.global.white_list.length}}

Stats {{managerConfiguration.global.stats}}

Host information {{managerConfiguration.global.host_infomation}}

Log alert level {{managerConfiguration.alerts.log_alert_level}}

E-mail notifications {{managerConfiguration.global.email_notification}}

E-mail alert level {{ managerConfiguration.alerts.email_alert_level }}

E-mail to {{managerConfiguration.global.email_to}}

E-mail from {{managerConfiguration.global.email_from}}

SMTP server {{managerConfiguration.global.smtp_server}}

Max email per hour {{managerConfiguration.global.email_maxperhour}}

E-mail IDS name {{managerConfiguration.global.email_idsname}}

Cluster

Disabled {{managerConfiguration.cluster.disabled}}

Hidden {{managerConfiguration.cluster.hidden}}

Name {{managerConfiguration.cluster.name}}

Interval {{managerConfiguration.cluster.interval}}

Node name {{managerConfiguration.cluster.node_name}}

Node type {{managerConfiguration.cluster.node_type}}

Port {{managerConfiguration.cluster.port}}

Bind address {{managerConfiguration.cluster.bind_addr}}

Nodes {{managerConfiguration.cluster.nodes}}

Syscheck

Disabled {{managerConfiguration.syscheck.disabled}}

Frequency {{managerConfiguration.syscheck.frequency}}

Scan time {{managerConfiguration.syscheck.scan_time}}

Scan day {{managerConfiguration.syscheck.scan_day}}

Auto ignore {{managerConfiguration.syscheck.auto_ignore}}

Alert new files {{managerConfiguration.syscheck.alert_new_files}}

Scan on start {{managerConfiguration.syscheck.scan_on_start}}

No diff {{managerConfiguration.syscheck.nodiff}}

Skip NFS {{managerConfiguration.syscheck.skip_nfs}}

Monitoring directories

Path {{item.path}}

Check all {{item.check_all}}

Rootcheck

Disabled {{managerConfiguration.rootcheck.disabled}}

Rootkit files {{managerConfiguration.rootcheck.rootkit_files}}

Rootkit trojans {{managerConfiguration.rootcheck.rootkit_trojans}}

Base directory {{managerConfiguration.rootcheck.base_directory}}

Scan all {{managerConfiguration.rootcheck.scanall}}

Frequency {{managerConfiguration.rootcheck.frequency}}

Skip NFS {{managerConfiguration.rootcheck.skip_nfs}}

System audit files

File {{item}}

Ruleset

Decoder directories

Path {{item}}

Decoder excludes

Path {{item}}

Decoder files

Path {{item}}

Rules directories

Path {{item}}

Rules files

Path {{item}}

Rule excludes

Path {{item}}

Path {{managerConfiguration.ruleset.rule_exclude}}

CDB Lists

Path {{item}}

Path {{managerConfiguration.ruleset.list}}

Logcollector

Location {{item.location}}

Command {{item.command}}

Log format {{item.log_format}}

Frequency {{item.frequency}}

Alias {{item.alias}}

Check diff {{item.check_diff}}

E-mail alerts

Email to {{managerConfiguration.email_alerts.email_to}}

Alert level {{managerConfiguration.email_alerts.alert_level}}

Group {{managerConfiguration.email_alerts.group}}

Event location {{managerConfiguration.email_alerts.event_location}}

Format {{managerConfiguration.email_alerts.format}}

Rule ID {{managerConfiguration.email_alerts.rule_id}}

Do not delay {{managerConfiguration.email_alerts.do_not_delay}}

Do not group {{managerConfiguration.email_alerts.do_not_group}}

Auth

Disabled {{managerConfiguration.auth.disabled}}

Purge {{managerConfiguration.auth.purge}}

Force insert {{managerConfiguration.auth.force_insert}}

SSL verify host {{managerConfiguration.auth.ssl_verify_host}}

Limit max agents {{managerConfiguration.auth.limit_maxagents}}

Force time {{managerConfiguration.auth.force_time}}

SSL manager key {{managerConfiguration.auth.ssl_manager_key}}

SSL manager cert {{managerConfiguration.auth.ssl_manager_cert}}

Use source IP {{managerConfiguration.auth.use_source_ip}}

Use password {{managerConfiguration.auth.use_password}}

Port {{managerConfiguration.auth.port}}

SSL auto negotiate {{managerConfiguration.auth.ssl_auto_negotiate}}

Ciphers {{managerConfiguration.auth.ciphers}}

Command

Name {{item.name}}

Expect {{item.expect}}

Executable {{item.executable}}

Timeout allowed {{item.timeout_allowed}}

Active response

Command {{item.command}}

Location {{item.location}}

Agent ID(s) {{item.agent_id}}

Level {{item.level}}

Timeout {{item.timeout}}

Rules ID(s) {{item.rules_id}}

Repeated offenders {{item.repeated_offenders}}

Remote

Connection {{item.connection}}

Port {{item.port}}

Protocol {{item.protocol}}