|
To receive notification of detected signatures, create an evaluation script and use the Windows Task Scheduler or the Linux crontab command to schedule the script to run at regular intervals. Each time the script runs an evaluation, the signature.log file in the Guardian installation directory is updated with an entry that tells whether the signature was detected or not. You can set a third party management tool to scan that log for detected signatures and notify you when one is found.
Each signature.log entry starts with four number signs (####) and includes a time stamp. Each entry with a detected signature contains <detected> and is followed by a brief description which is also surrounded by < >. The description includes the domain name. Following is a sample signature.log file:
####<Tue Aug 01 16:03:47 EDT 2006> <0> <g-dev_slp7_7001> <un> <0> <000022> <not detected> <Signature 000022 (Rotational Upgrade may cause java.io.StreamCorruptedException) not detected by username un evaluating bundle ID 0 in domain ID g-dev_slp7_7001.>
####<Tue Aug 01 16:03:47 EDT 2006> <0> <g-dev_slp7_7001> <un> <0> <000027> <detected> <Signature 000027 (Native IO should be enabled in production mode for better performance) detected by username un evaluating bundle ID 0 in domain ID g-dev_slp7_7001.>
####<Tue Aug 01 16:03:47 EDT 2006> <0> <g-dev_slp7_7001> <un> <0> <000055> <not detected> <Signature 000055 (JDK 1.5 is not certified for WebLogic 8.1) not detected by username un evaluating bundle ID 0 in domain ID g-dev_slp7_7001.>
|
|