Viewing the rule sets listing
BMC Network Automation is shipped with factory-installed rule sets, based on industry standards, regulatory standards, and vendor recommendations, or best practices. You can customize the factory-installed rules and rule sets to create customer-specific sets. Rule sets are simply containers for the rules which are assigned to one or more groups and enabled for “Continual Compliance” checking. This topic contains the following sections:
To view the list of rule sets
- Navigate to Network > Scripts > Rule Sets.
(Optional) Perform one of the following tasks by using the menu options that are available on the Rule Sets page:
Menu optionDescriptionViews Display rule sets matching a favorite view. See About lists and views and Managing and sharing views. Filter Filter the rule sets list based on selected criteria Add Add a rule set. See Adding a rule set. Manage Rights Manage access rights for rule sets. See Managing rule set access rights.
Print View Print the rule set list Refresh Refresh the list with any recent updates Help Display help for rule sets (Optional) Perform one of the following actions by clicking an icon in the Actions column on the Rule Sets page:
IconActionDescriptionView Display details about the rule set Edit Edit the rule set. See Adding a rule set. Copy Copy the rule set
Note: When you copy a rule set, the member rules are also copied. However, any association between a rule and a security vulnerability is not copied.Delete Delete the rule set Enable Enable the rule set1 Disable Disable the rule set
1. When a rule set is enabled, compliance checking is performed by the configuration snapshot and Network > Refresh Device Status actions. You should enable the rule set only after you have created, tested, and assigned the associated rules.
To perform compliance checks for enabled rule sets as part of the configuration snapshot operation, you must turn on the Check Compliance Violations after Snapshot system parameter. Compliance violations are logged and shown on the Dashboard. Logged violations could trigger a policy to perform one or more actions (for example, send notification or remediate).
To define a filter for the rule sets listing
- Select Network > Scripts > Rule Sets.
- Click the Filter menu option above the list of rule sets.
- Specify or select any of the following optional attributes:
- Name of the rule set
- Whether the rule set is enabled
- Click Submit.
Comments
Log in or register to comment.