Red Hat Advanced Cluster Security / ROX-30794

Policy criteria and detection of file system activity

    • Epic
    • Resolution: Unresolved
    • Central, Sensor
    • File System Activity Detection
    • To Do
    • 73% To Do, 9% In Progress, 18% Done

      Overview:

      New policy criteria must be created in order to detect file system activity, and the detection engine must be updated to support a new stream of file system events, which may or may not be enriched with process/deployment information.

      Requirements:

      • Policies must support new fields for processing file system activity
      • The detection engine must be able to process file system events with regard to the policies
        • The detection should work when the event has deployment information and when it only contains host/node information

      Unassigned
      Giles Hutton (ghutton@redhat.com)