Copying /etc/asl/rules to another installation

Customer support forums for Atomic Protector (formerly Atomic Secured Linux). There is no such thing as a bad question here as long as it pertains to using Atomic Protector. Newbies feel free to get help getting started or asking questions that may be obvious. Regular users are asked to be gentle. :-)
Post Reply
chrismcb
Forum Regular
Forum Regular
Posts: 293
Joined: Tue Nov 23, 2010 7:30 am
Location: Glasgow, UK

Copying /etc/asl/rules to another installation

Unread post by chrismcb »

Just looking to find out how best to copy all of the tailored rules from one machine to another which are stored under /etc/asl/rules.

I've spent a bit of time tweaking email alert levels to ensure that only relevant ones are sent through on my hourly OSSEC report.

I have copied the file over and ran asl -s f, however they don't all seem to be loaded into the system.

Is there another command which would load this file in?
Top
scott
Atomicorp Staff - Site Admin
Atomicorp Staff - Site Admin
Posts: 8355
Joined: Wed Dec 31, 1969 8:00 pm
Location: earth
Contact:
Contact scott

Re: Copying /etc/asl/rules to another installation

Unread post by scott »

Use: asl -s -f

And please note that the format of this file has changed from V3 to V4. If you are copying a V3 file over you may need to verify the changes through the rule manager to make sure it re-formats the file in the correct layout.
Top
chrismcb
Forum Regular
Forum Regular
Posts: 293
Joined: Tue Nov 23, 2010 7:30 am
Location: Glasgow, UK

Re: Copying /etc/asl/rules to another installation

Unread post by chrismcb »

Thanks - that must have been it, a couple of older ones weren't integrated.
Top
Post Reply

Return to “Atomic Protector (formerly ASL)”