Unsupported content This version of the documentation is no longer supported. However, the documentation is available for your convenience. You will not be able to leave comments.

Policies node

A policy is a group of compliance rules associated with a service. The rules within the policy may be nested within folders, which correspond to rule groups in BMC Server Automation.

Note

In the content format file, multiple policies can be associated with a single service. In BMC Server Automation, on the other hand, each component template has only one set of compliance rules. Therefore, during an import to BMC Server Automation, each policy is associated with a single component template and the policy groups together all compliance rules defined for that component template.

The following XML code presents an example of a policy under the policies node that contains several rules. Two rules are included in a folder named Basic Conditions, one without a remediation action defined and the other with a remediation action. Another folder named Referenced Rules contains several referenced rules, which refer back to the rule library.

<policies>
 <folder name="Component Template Group">
    <description>Description of Component Template Group</description>
    <policy id="component_template" service="associated_service_id">
       <description>Description of Component Template</description>
       <rules>
         <folder name="Basic Conditions" ref-number="1.0" name="CONFIGURATION_ITEMS">
          <rule name="Rule 1" ref-number="" service="associated_service_id">
             <description>Description of Rule 1</description>
             <notes>Notes for Rule 1</notes>
             <expression><![CDATA[??TARGET.OS?? contains "Windows"]]></expression>
             <remediation-package action="Do not remediate"/>
          </rule>
          <rule name="Rule 2" ref-number="" service="associated_service_id">
             <description>Description of Rule 2</description>
             <notes>Notes for Rule 2</notes>
             <expression><![CDATA[
"Configuration File Entry:/etc/login.defs//PASS_MAX_DAYS"."Value1 as Integer" less than or equal to "??PASS_MAX_DAYS??"
]]></expression>
             <remediation-package allow-auto-remediation="false" package="/SOX Compliance Content/Remediation Packages/SOX RedHat Linux" action="Remediate">
               <properties>
                 <property id="PASS_MAX_DAYS">
                   <value>??PASS_MAX_DAYS??</value>
                 </property>
               </properties>
             </remediation-package>
          </rule>
          <description>Description of Basic Conditions rule group</description>
          <notes>Notes for Basic Conditions rule group</notes>
        </folder>
        <folder name="Referenced Rules" ref-number="2.0" name="CONFIGURATION_ITEMS">
           <rule-ref id="Rule 1 in library" />
           <rule-ref id="Rule 2 in library" />
           <description>Description of Referenced Rules rule group</description>
           <notes>Notes for Referenced Rules rule group</notes>
        </folder>
      </rules>
    </policy>
 </folder>
</policies>

 

Tip: For faster searching, add an asterisk to the end of your partial query. Example: cert*