Security Content Updates configuration is in bad state-fireeye-wMPS
Indeni will alert if Security Content Updates is not enabled or updates are not downloaded and installed.
Users are advised to ensure Security Content Updates is enabled and updates are downloaded and installed on the FireEye NX device.
How does this work?
Indeni uses the FireEye NX cli “show fenet security-content status” command to retrieve the information and alerts the user if the update is not set to enabled.
Why is this important?
It is important to ensure that the security content update is enabled and the downloaded updates are installed on the FireEye NX device.
Without Indeni how would you find this?
User has to manually login to the device’s cli or web interface and check for the status update.
name: fireeye-nx-show-fenet-security-content-status description: Fetch security content status update information type: monitoring monitoring_interval: 5 minute requires: vendor: fireeye os.name: wMPS privileged-mode: 'true' comments: fireeye-nx-content-update-status: why: | It is important to ensure that the security content update is enabled and the downloaded updates are installed on the FireEye NX device. how: | Indeni uses the FireEye NX cli "show fenet security-content status" command to retrieve the information and alerts the user if the update is not set to enabled. can-with-snmp: false can-with-syslog: false steps: - run: type: SSH command: show fenet security-content status parse: type: AWK file: show-fenet-security-content-status.parser.1.awk
Failed to fetch the data: https://bitbucket.org/indeni/indeni-knowledge/src/master/rules/templatebased/fireeye/nx/FireEyeNXSecurityContentStatusRule.scala