Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 22 Next »



To fully use this screen, you must add the following permission to your account:

  • Read FIM


View FIM Data


  1. In the Armor Management Portal (AMP), in the left-side navigation, click Security.
  2. Click File Integrity Monitoring.

Column

Description

Name

For Armor Complete, the name of the virtual machine you created in AMP.

For Armor Anywhere, the name of the instance that contains the installed Anywhere agent, which includes the FIM subagent.

Provider

For Armor Complete, the entry will display Armor.

For Armor Anywhere, the name of the public cloud provider for the instance.

Status

The health status of the subagent, which is based on how long the FIM subagent has been offline.

There are three status types:

  • Secured (in green)
  • Warning (in yellow)
  • Critical (in red)
Connectivity

The connection status of the subagent.

There are three connection types:

  • Offline
  • Online
  • Unknown
Timestamp

The date and time that the FIM subagent last communicated with Armor.

To learn how the overall FIM status is determined, see Understand FIM data.


Understand FIM Data


Error rendering macro 'excerpt-include' : No link could be created for 'ESLP:Understand FIM status (snippet)'.


View Detailed FIM Data


The File Integrity Monitoring details screen displays the changes that has been detected in certain files in your virtual machine. This screen only shows data for the last 90 days. 

  1. In the Armor Management Portal (AMP), in the left-side navigation, click Security

  2. Click File Integrity Monitoring.

  3. Locate and select the desired virtual machine. 

Column

Description

Filename

The name of the file where a change was detected.

Description

A short summary of the change that took place.

Change Type

The type of change that took place in the file.

Scan DateThe date when the change was detected.


Export FIM Data


To export the data: 

  1. In the Armor Management Portal (AMP), in the left-side navigation, click Security
  2. Click File Integrity Monitoring.
  3. (Optional) Use the filter function to customize the data displayed. 
  4. Below the table, click CSV. You have the option to export all the data (All) or only the data that appears on the current screen (Current Set). 

    Function

    Data Displayed

    Notes

    CSVVM Name, VM Provider, IP Address, OS, FIM Agent Status Fixed, FIM Agent Version, FIM Last Communication DateA blank entry indicates that the action has never taken place.

Troubleshooting

Armor troubleshoots servers that contain File Integrity Monitoring subcomponents in a Warning or Critical status. To troubleshoot with Armor, you must submit a support ticket.

  1. In the Armor Management Portal (AMP), click Support, and then click Tickets
  2. Click Create a Ticket.
  3. Select or search for the desired category for your ticket request type.
  4. Complete the missing fields.
    1. In Description, enter useful details that can help Armor quickly troubleshoot the problem.
  5. Click Create
  6. To view the status of your ticket, in the left-side navigation, click Support, and then click Tickets


Review API Calls


  • No labels