Uploaded image for project: 'Red Hat Insights Strategy'
  1. Red Hat Insights Strategy
  2. RHIN-1785

[RFE]Exclude file with regex expression in Malware

XMLWordPrintable

    • Icon: Feature Request Feature Request
    • Resolution: Unresolved
    • Icon: Undefined Undefined
    • None
    • None
    • Malware, RFE
    • False
    • Hide

      None

      Show
      None
    • False
    • Not Selected

      ** Note that this is a public ticket, please refrain from adding any sensitive data. **

      1. Proposed title of this feature request
      Exclude file with regex expression in Malware

      2. Who is the customer behind the request?

      Account: AmeriCold Logistics, LLC
      acct # 1623735
      TAM customer: no
      CSM customer: no
      Strategic: no

      3. What is the nature and description of the request?
      Need to exlude files from Malware configuration using regex expression. For example,

      • /usr/lib/modules/[0-9][0-9\.elx_]/extra/falcon_lsm_pinned_[0-9].ko

      4. Why does the customer need this and how would the customer like to achieve this?? (List the business and functional requirements here)

      Customer is required to run falcon-sensor on their systems as an active scanning tool looking at activity on the system. Customer is looking at yara to be a different set of eyes and a passive scanning backup to falcon-sensor.

      5. Is there already an existing RFE upstream or in Red Hat Bugzilla?
      No

      6. Does the customer have any specific timeline dependencies and which release would they like to target (i.e. RHEL8, RHEL9)?
      Yes, customer would like to get yara sanning implemented in PROD by June, 2024.

      7. Is the sales team involved in this request and do they have any additional input?
      No

      8. List any affected packages or components.
      Yara/ Malware

      9. Would the customer be able to assist in testing this functionality if implemented?
      Yes

              rhn-support-dkuc Dan Kuc
              rhn-support-achadha Arvinder Singh Chadha
              Votes:
              0 Vote for this issue
              Watchers:
              6 Start watching this issue

                Created:
                Updated: