File Integrity Monitoring

fileintegritydb

  • Version 9.3.0 and earlier: fileintegritydb setting not available.
  • Version 9.4.0 and later: fileintegritydb setting available.

The fileintegritydb option specifies the path to the File Integrity Monitoring database. This file is created in databasedir by default, unless the file name starts with '/'.

fileintegritydb	/etc/pbfim.db
fileintegritydb	/opt/<prefix>pbul<suffix>/dbs/pbfim.db

All Hosts

fileintegritysignaturesdb

  • Version 9.4.1 and earlier: fileintegritysignaturesdb setting not available.
  • Version 9.4.3 and later: fileintegritysignaturesdb setting available.

The fileintegritysignaturesdb option specifies the path to the local clients File Integrity Signature database.

fileintegritysignaturedb /etc/pbfimsigs.db
fileintegritydb /opt/<prefix>pbul<suffix>/dbs/pbfimsignatures.db

Clients

fileintegritydblocktimeout

  • Version 9.4.4 and earlier: fileintegritydblocktimeout setting not available.
  • Version 9.4.5 and later: fileintegritydblocktimeout setting available.

The fileintegritydblocktimeout option specifies in milliseconds the maximum time that the FIM server (pbconfigd) waits to acquire a lock on the database. This may be useful when multiple clients send FIM reports at roughly the same time. The lowest useful value is 1000 and the highest is 1200000 (twenty minutes).

fileintegritydblocktimeout 120000
fileintegritydblocktimeout 10000

FIM Servers

fileintegrityevents

  • Version 9.3.0 and earlier: fileintegrityevents setting not available.
  • Version 9.4.0 and later: fileintegrityevents setting available.

The fileintegrityevents option enables the generation of File Integrity Monitoring events for Change Management and Alerting.

fileintegrityevents	yes
fileintegrityevents	no

All hosts