Condividi tramite


Creating a Manifest with the Desired Configuration Monitoring (DCM) Solution

Building a manifest using the DCM Solution is pretty easy. It’s no rocket science. If you can follow the three simple steps below, you will end up building a manifest yourself within no time! Here you go…

  1. Ask yourself – What is it that I want to check or monitor for compliance?
  2. Figure out – Where do I get the data from?
  3. Confirm – What is the desired value of the configuration item in your enterprise?

If you have answers to all the three questions above, you are already half done. Let’s complete the remaining half! For the sake of this article, I am considering a simple example. Let’s say, I want to check my Antivirus version. So, I got to ask the same three questions to myself.

 

  1. What is it that I want to monitor?

     My answer - I want to monitor my Antivirus Version.

 

  1. Where do I get the data from?

My answer – I know that the antivirus version is stored in the registry at the location HKEY_LOCAL_MACHINE\SOFTWARE\ComputerAssociates\eTrustAntivirus\CurrentVersion. This location varies based on the antivirus product you use. I use eTrust and it’s stored in the location specified above. You can use regedit to figure this out pretty easily.

 

  1. What is the desired value of the configuration item in your enterprise?

My answer - I know that the desired value of my antivirus version should be 7.1.

 

Now that I have answers to all the three questions, let’s go and build the manifest. Oh, I forgot to tell you one very important thing. How do these three questions / answers relate to building a manifest using the DCM Solution Authoring tool? Let me show you the link first. In a DCM manifest we have three main elements:

  • Data Source
  • Setting
  • Rule

A Data Source and a Setting together specify Where a particular piece of information is located. A Rule specifies what the desired value of that piece of information should be. If you try to relate these three elements to the questions you answered before, you can relate them as follows:

What is it that I want to monitor - Gives you a head start.

Where do I get the data from - Data Source and Setting together specify this

What is the desired value – Rule specifies this

 

Now, I can easily create the manifest to monitor my antivirus version. The screenshots below show the progress…

I have also attached the manifest file I generated for this purpose.

Thanks!

av.xml