TOC & Recently Viewed

Recently Viewed Topics

FILE_CONTENT_CHECK_NOT

This audit examines the contents of a file for a match with the regex description in the regex field. This function negates FILE_CONTENT_CHECK. That is, a policy fails if the regex does match in the file. Use the “ignore” keyword to ignore one or more files from the specified search location(s).

This policy item checks if the file contains the regular expression regex and that this expression does not match expect.

Both regex and expect must be specified in this check.

Example

<custom_item>

type: FILE_CONTENT_CHECK_NOT

description: "Make sure NIS is not enabled on the remote host by making sure that '+::' is not in /etc/passwd"

file: "/etc/passwd"

regex: "^\+::"

expect: "^\+::"

file_required: NO

string_required: NO

</custom_item>

Copyright 2017 - 2018 Tenable, Inc. All rights reserved. Tenable Network Security, Nessus, SecurityCenter, SecurityCenter Continuous View and Log Correlation Engine are registered trademarks of Tenable, Inc. Tenable, Tenable.io, Assure, and The Cyber Exposure Company are trademarks of Tenable, Inc. All other products or services are trademarks of their respective owners.