Agents Administration - Tests
 

Default Parameters for ScrtyFlMdfctnChcksTest

The ScrtyFlMdfctnChcksTest test reports the number of files/folders that are modified. An abnormal increase in the number of modified files is an indication of malware activity. Therefore, by using this test, administrators are able to proactively detect any suspicious changes to the file/folder before it causes a potential security threat. The detailed diagnosis of this test provides additional details on the file name, time of last modification, etc.

This page depicts the default parameters that need to be configured for the ScrtyFlMdfctnChcksTest.

  • The TEST PERIOD list box helps the user to decide how often this test needs to be executed.

  • Provide a comma-separated list of the full path of the files in the FILES TO BE MONITORED text box that are to be monitored. If the full path to any folder is configured here, then the test monitors the changes only for the files under the folder and not the sub-folders. By default, none is displayed in this text box. In that case, this test will not be able to execute and hence no metrics will be generated.

  • The DD FREQUENCY parameter refers to the frequency with which detailed diagnosis measures are to be generated for this test. The default is 1:1. This indicates that, by default, detailed measures will be generated every time this test runs, and also every time the test detects a problem. You can modify this frequency, if you so desire. Also, if you intend to disable the detailed diagnosis capability for this test, you can do so by specifying none against DD FREQUENCY parameter.

  • Once the necessary values have been provided, clicking on the UPDATE button will register the changes made.

When changing default configurations of tests, the values with “$” indicate variables that will be replaced by the eG system according to the specific server being managed - for instance, $hostName is the host/nickname of the target host, $port is the port number of the server being monitored. E.g., for a server xyz:80, $hostName will be changed automatically by the eG manager to “xyz*” and $port will be changed to “80” when configuring a test.