CO-Fmon.cnf file

This section provides an instance of the CO-Fmon.cnf file that is the central configuration file used by the BMC Defender FIM Adapter service. An administrator or system developer can edit this file to specify the directories and parameters used by the BMC Defender FIM Adapter.

The CO-Fmon.cnf file is documented as stated in that section, the configuration file does not necessarily ever have to be modified by you. The default configuration, created by the installation utility, is adequate for many (perhaps most) environments. However, if you want to create a highly customized installation, targeting specific types of event log messages, that capability readily exists through the directives in the file.

This file resides in the same directory as the CO-Fmon.exe. The file provided here is the default configuration that comes with the system.

# # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # #

#FMON - CorreLog File integrity Monitor, Configuration File.

#The following two items are the only items actually required.
#They are configured manually, or by the installation procedure,
#and are not affected by remote configuration operations.

DestinationAddress  192.168.1.100
DestinationPort     514

#The "ListenAuthMode" can take values as follows:
#0=No Auth, 1=Source Address, 2=PassKey, 3=Address and Key.

ListenAuthMode      3
ListenPassKey       Default
ListenPort          55515

#General Parameters

Schedule            hourly
SchedDelaySecs      0
ChangeSeverity      warning
AddSeverity         notice
DeleteSeverity      notice
AutoGenImage        True
UseChecksum         False
PollDelayMsec       1

# # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # #

# Directory Monitor parameters.

Directory           %SystemRoot%/system32
MatchPatt           *.exe
MatchPatt           *.dll
MatchPatt           *.bat
MatchPatt           *.cmd
MatchPatt           *.ini
ExclPatt            temp
ExclPatt            cache

 # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # #

Directory           /correlog
MatchPatt           *.exe
MatchPatt           *.dll
MatchPatt           *.bat
MatchPatt           *.cmd
MatchPatt           *.ini
ExclPatt            temp
ExclPatt            cache


# # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # #

# Up to 50 directories may be added.

# END OF FILE 

 

Tip: For faster searching, add an asterisk to the end of your partial query. Example: cert*