Policy Monitor script commands
Policy Monitor scripts include commands for various tasks such as: start, send, parse and table.
arr -propertyfile <propertyfile> -command <command> <...args>
arr.jdbc_password
See the tables below for various commands.
Table A-1 Start Commands
| Command | Description | Options | Option Description |
|---|---|---|---|
| start-tls-server | Starts a TLS Policy Monitor running on a given port. Note: Ensure the following properties are available and encrypted in the input property file: | -arr.port | The port to listen on (6514 is the standard port for syslog over TLS). |
| - | - | -arr.persistence_unit_name | The name of the javax persistence unit defined in persistence.xml. |
| - | - | -arr.jdbc_driver | The JDBC database driver type. For example: Oracle: oracle.jdbc.OracleDriver |
| - | - | -arr.jdbc_url | The JDBC database URL. |
| - | - | -arr.jdbc_username | The JDBC database user name. |
| - | - | -arr.keystore | The server keystore. |
| - | - | -arr.truststore | The server truststore. |
| start-udp-server | Starts a UDP Policy Monitor running on a given port. | -arr.port | The port to listen on (514 is the standard port for syslog over UDP). |
| - | - | -arr.persistence_unit_name | The name of the javax persistence unit defined in persistence.xml. |
| - | - | -arr.jdbc_driver | The JDBC database driver type. For example: Oracle: oracle.jdbc.OracleDriver |
| - | - | -arr.jdbc_url | The JDBC database URL. |
| - | - | -arr.jdbc_username | The JDBC database user name. |
| start-tcp-server | Starts a TCP Policy Monitor running on a given port. Note: This command is not recommended for production use. | -arr.port | The port to listen on. |
| - | - | -arr.persistence_unit_name | The name of the javax persistence unit defined in persistence.xml. |
| - | - | -arr.jdbc_driver | The JDBC database driver type. For example: Oracle: oracle.jdbc.OracleDriver |
| - | - | -arr.jdbc_url | The JDBC database URL. |
| - | - | -arr.jdbc_username | The JDBC database user name. |
Table A-2 Parse Commands
| Command | Description | Options | Option Description |
|---|---|---|---|
| parse-audit-msg | Tests the validity of an audit message. | -arr.input_file | A file containing an audit message. |
| parse-syslog-msg | Tests the validity of a syslog message. | -arr.input_file | A file containing a syslog message. |
Table A-3 Table Commands
| Command | Description | Options | Option Description |
|---|---|---|---|
| create-tables | Creates the required Policy Monitor database tables and sequences. | -arr.persistence_unit_name | The name of the javax persistence unit defined in persistence.xml. |
| - | - | -arr.jdbc_driver | The JDBC database driver type. For example: Oracle: oracle.jdbc.OracleDriver |
| - | - | -arr.jdbc_url | The JDBC database URL. |
| check-tables | Checks the required audit server database tables and sequences. | -arr.persistence_unit_name | The name of the javax persistence unit defined in persistence.xml. |
| - | - | -arr.jdbc_driver | The JDBC database driver type. For example: Oracle: oracle.jdbc.OracleDriver |
| - | - | -arr.jdbc_url | The JDBC database URL. |
| - | - | -arr.jdbc_username | The JDBC database user name. |
| drop-and-create-tables | Drops and recreates the Policy Monitor database tables and sequences. | -arr.persistence_unit_name | The name of the javax persistence unit defined in persistence.xml. |
| - | - | -arr.jdbc_driver | The JDBC database driver type. For example: Oracle: oracle.jdbc.OracleDriver |
| - | - | -arr.jdbc_url | The JDBC database URL. |
| - | - | -arr.jdbc_username | The JDBC database user name. |
Send Commands
send-tls-msg
Sends a syslog message to a Policy Monitor supporting TLS. Note: Ensure the following properties are available and encrypted in the input property file:
arr.keystore_password
arr.truststore_password
arr.keymanager_keystore_password
Options:
-arr.input_file - A file containing a syslog message.
-arr.hostname - The host name of the syslog server.
-arr.port - The port of the syslog server.
-arr.keystore - The client keystore.
-arr.truststore - The client truststore.
send-udp-msg
Sends a syslog message to a Policy Monitor supporting UDP.
Options:
-arr.input_file - A file containing a syslog message.
-arr.port - The port of the syslog server.
-arr.hostname - The host name of the syslog server.
send-tcp-msg
Sends a syslog message to a Policy Monitor supporting TCP.
Options:
-arr.input_file - A file containing a syslog message.
-arr.port - The port of the syslog server.
-arr.hostname - The host name of the syslog server.
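A presence check for the three password properties that the send-tls-msg note requires, as an added example that is not part of the Policy Monitor distribution. It assumes Java-style key=value lines in the property file; the function names are hypothetical, and the check confirms only that each property has a value, not that the value is encrypted.

```shell
#!/bin/sh
# Added example: hypothetical preflight helper, not shipped with Policy Monitor.
# Assumption: the property file holds Java-style "key=value" lines.

# Password properties the send-tls-msg note says must be present.
TLS_SEND_PROPS="arr.keystore_password arr.truststore_password arr.keymanager_keystore_password"

# missing_props FILE KEY... : print each KEY that has no non-empty value in FILE.
missing_props() {
    file=$1
    shift
    for key in "$@"; do
        # Escape dots so they match literally, not as "any character".
        key_re=$(printf '%s' "$key" | sed 's/\./\\./g')
        # Commented-out lines (# or !) never match: the key must start the line.
        if ! grep -Eq "^[[:space:]]*${key_re}[[:space:]]*[=:][[:space:]]*[^[:space:]]" "$file"; then
            printf '%s\n' "$key"
        fi
    done
}

# preflight_send_tls FILE : return 0 only if FILE is readable and complete.
preflight_send_tls() {
    [ -r "$1" ] || { echo "cannot read $1" >&2; return 2; }
    # Word splitting of the key list is intended here.
    missing=$(missing_props "$1" $TLS_SEND_PROPS)
    [ -z "$missing" ] && return 0
    echo "missing in $1:" $missing >&2
    return 1
}

# Constructed sample: one required property is absent, one is commented out.
sample=$(mktemp)
cat > "$sample" <<'EOF'
arr.keystore_password=PLACEHOLDER_ENCRYPTED_VALUE
# arr.truststore_password=PLACEHOLDER_ENCRYPTED_VALUE
EOF
if preflight_send_tls "$sample"; then
    echo "ok to run: arr -propertyfile $sample -command send-tls-msg ..."
else
    echo "fix the property file before sending"
fi
rm -f "$sample"
```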
Here are some Policy Monitor commands and examples:
Table A-4 Policy Monitor script command examples
| Command | Example |
|---|---|
| create-tables | > arr -propertyfile arr.properties -command create-tables |
| check-tables | > arr -propertyfile arr.properties -command check-tables |
| drop-and-create-tables | > arr -propertyfile arr.properties -command drop-and-create-tables |
| parse-audit-msg | > arr -propertyfile arr.properties -command parse-audit-msg -arr.input_file test_audit_msg.txt |
| parse-syslog-msg | > arr -propertyfile arr.properties -command parse-syslog-msg -arr.input_file test_syslog_msg.txt |
| send-tcp-msg | > arr -propertyfile arr.properties -command send-tcp-msg -arr.hostname localhost -arr.input_file test_syslog_msg.txt |
| send-tls-msg | > arr -propertyfile arr.properties -command send-tls-msg -arr.hostname localhost -arr.input_file test_syslog_msg.txt |
| send-udp-msg | > arr -propertyfile arr.properties -command send-udp-msg -arr.hostname localhost -arr.input_file test_syslog_msg.txt |
| start-tcp-server | > arr -propertyfile arr.properties -command start-tcp-server |
| start-tls-server | > arr -propertyfile arr.properties -command start-tls-server |
| start-udp-server | > arr -propertyfile arr.properties -command start-udp-server |