Create a Client Policy with the Client Policy Builder
To create a client policy with the client policy builder:
-
Log in to Log Correlation Engine via the user interface.
-
In the top navigation bar, click Policies.
The Policies page appears, displaying the policy table.
-
In the upper-left corner of the policy table, click the Add policy button.
The Client Policy Builder window appears, displaying the Create section.
-
In the OS list, select the operating system of the host for which you want to create a policy.
The Client list is filtered automatically to display only Tenable Log Correlation Engine clients that are supported on the select operating system. For example, if you select Windows, the Client list will be limited to just Tenable Client, the only supported Tenable Log Correlation Engine client for Windows.
-
In the Client list, select the client for which you want to create a policy, and then click the Start Editing button.
The Client Policy Builder appears. At the top of the Builder, the title bar displays the name of the default policy corresponding to the operating system and Tenable Log Correlation Engine client that you selected. A complete list of configuration items that are valid for the type of policy appear in the Basic pane. XML source code with corresponding values appears in the Advanced pane.
Note: The list of configuration items in the Basic pane includes items that do not yet have a configured value. If the configuration item normally accepts a value, No value defined will be displayed. In the case of a group, that group will not contain any items.
-
Using the Basic or Advanced panes, modify values for each configuration item.
Tip: In the Basic pane, to modify a configuration item that uses a list of values (e. g., ), click to add items and to remove items from the list. Additionally, to expand and collapse the lists, click and , respectively. If configuration items are visible in the Advanced pane but not in the Basic pane, it is likely that the parent configuration item is currently collapsed.
As you configure the policy, the Builder will validate the configuration items, and alert you if any invalid configuration is found.
-
Click the Save as button.
The Save file as dialog box appears.
-
In the Filename box, type a name for the policy. A valid file name cannot include the phrase default or TNS as a prefix, and cannot include spaces or underscores. Do not include a file extension. The operating system, client, and file extension will be appended to the name when the policy is saved.
For example, if you are saving a policy for the Tenable Log Correlation Engine Tenable Network Monitor that supports Red Hat Enterprise Linux, and you type corpnet as the name, the policy will be saved with the following complete name: corpnet_rhel_networkmonitor.lcp.
Note: The policy name can be a maximum of 50 characters.
-
Click OK.
Log Correlation Engine saves your configuration.
A notification appears, confirming that the policy was saved successfully. The Save button is enabled. You can continue to modify the policy and save those changes.
-
At the top of the Builder, in the title bar, click the Quit button.
The Policies page appears, displaying a list of default and existing policies.