Set Component Exceptions - Associated Compliance Rules
The Associated Compliance Rules panel lets you define compliance rule exceptions.
Define compliance rule exceptions by clicking Add Compliance Rule, which opens the Select Compliance Rules dialog box.
The All Compliance Rules list shows all compliance rules and compliance rule groups. To move a rule between lists, select the rule and click the left or right arrow. If necessary, expand compliance rule groups to select the appropriate compliance rules. To move all rules from the Selected Compliance Rules list, click the double-left arrow.
If you want to limit this exception on the specific target component, specify a path to a particular system object by clicking Edit Ignored PathsThe Edit Ignored Paths dialog box opens.
- On the Edit Ignored Paths dialog box, from Type, select the type of server object that should be ignored.
- For Path, enter the path to the server object. The path can include wild cards.
- Click the right-arrow to move the server object you defined to the Detailed Exceptions list.
For example, you can create a compliance rule stating that the configuration file /etc/passwd must exist and that the only entries allowed within it are Admin and SupportLevel2. If you want to create an exception for a specific component that allows the SupportLevel1 entry to appear as well within the file, use this dialog box to specify a type of Configuration File and enter the path /etc/passwd//SupportLevel1. During compliance analysis, if /etc/passwd on the target component contains the two entries Admin and SupportLevel1, the component is found to be compliant with the rule due to the defined exception.
- On the Edit Ignored Paths dialog box, click OK.
On the Select Compliance Rules dialog box, click OK.
An identifying name for the compliance rule exception.
(Optional) Descriptive text for the compliance rule exception.
An identifier needed to synchronize this exception with some external system.
Indicates whether to limit how long the exception lasts.
To set an expiration date for the exception, click Expires and pick the date when the exception should expire. Otherwise, click Never expires if you do not want to limit the exception by time.
Additional information about the compliance rule exception.