TOC & Recently Viewed

Recently Viewed Topics

Conditions

It is possible to define if/then/else logic in the IBM iSeries policy. This allows the end-user to return a warning message rather than pass/fail in case an audit passes.

The syntax to perform conditions is the following:

<if>

<condition type: "or">

<Insert your audit here>

</condition>

<then>

<Insert your audit here>

</then>

<else>

<Insert your audit here>

</else>

</if>

Example

<if>

<condition type: "or">

<custom_item>

type: AUDIT_SYSTEMVAL

systemvalue: "QDSPSGNINF"

description: "Sign-on information is displayed (QDSPSGNINF)"

info: "\nref : http://publib.boulder.ibm.com/infocenter/iseries/v5r4/topic/books/sc415302.pdf pg. 23"

value_type: POLICY_DWORD

value_data: "1"

</custom_item>

</condition>

 

<then>

<custom_item>

type: AUDIT_SYSTEMVAL

systemvalue: "QDSPSGNINF"

description: "Sign-on information is not displayed (QDSPSGNINF)"

info: "\nref : http://publib.boulder.ibm.com/infocenter/iseries/v5r4/topic/books/sc415302.pdf pg. 23"

value_type: POLICY_DWORD

value_data: "1"

</custom_item>

</then>

 

<else>

<report type: "WARNING">

description: "Sign-on information is displayed (QDSPSGNINF)"

info: ""\nref : http://publib.boulder.ibm.com/infocenter/iseries/v5r4/topic/books/sc415302.pdf pg. 23"

info: "Check system policy to confirm requirements."

</report>

</else>

</if>

Whether the condition fails or passes never shows up in the report because it is a “silent” check.

Conditions can be of type and or or.

Copyright © 2017. Tenable Network Security, Inc. All rights reserved. Tenable Network Security, Nessus, SecurityCenter Continuous View, Passive Vulnerability Scanner, and Log Correlation Engine are registered trademarks of Tenable Network Security, Inc. All other products or services are trademarks of their respective owners.