How to use TrueSight Server Automation for Payment Card Industry File Integrity Monitoring

The following topics describe how to use the TrueSight Server Automation product for Payment Card Industry (PCI) File Integrity Monitoring (FIM). The process uses the TrueSight Server Automation compliance, discovery, snapshot, and change tracking features, along with the reporting features in the TrueSight Smart Reporting for Server Automation solution to achieve and support an organization's PCI FIM goals.

The process starts with standard PCI FIM templates, which you can configure to satisfy the specific needs of your organization. The templates define the rules for discovering the servers to monitor and the files and directories to track for changes. You then build a set of Discover and Snapshot Jobs and bundle them into a Batch Job, scheduling the pair of jobs for automatic, recurring execution. You can examine the results of the jobs in the TrueSight Server Automation Console, to ensure that the data you are tracking is valid, relevant, and appropriate to your specific change tracking and FIM needs. The Snapshot Job compares the results of the last job run to the current one and highlights the differences.

A regularly-scheduled extract, transform, and load (ETL) job sends the change tracking data to the reporting data warehouse. You can examine and validate the results in out-of-the box change tracking reports and dashboards that are available directly from the Console. You can also customize change tracking reports as necessary to meet your organization's specific needs.
 This following topics are specific to TrueSight Server Automation version 8.0, however they also apply, with minor differences, to later versions.

 

Tip: For faster searching, add an asterisk to the end of your partial query. Example: cert*