TOC & Recently Viewed

Recently Viewed Topics

FILE_CONTENT_CHECK_NOT

This audit examines the contents of a file for a match with the regex description in the regex field. This function negates FILE_CONTENT_CHECK. That is, a policy fails if the regex does match in the file. Use the “ignore” keyword to ignore one or more files from the specified search location(s).

This policy item checks if the file contains the regular expression regex and that this expression does not match expect.

The allowed type is:

value_type: POLICY_TEXT

value_data: "PATH\Filename"

regex: "regex"

expect: "regex"

Both regex and expect must be specified in this check.

Example

<custom_item>

type: FILE_CONTENT_CHECK_NOT

description: "Make sure NIS is not enabled on the remote host by making sure that '+::' is not in /etc/passwd"

file: "/etc/passwd"

regex: "^\+::"

expect: "^\+::"

file_required: NO

string_required: NO

</custom_item>

Copyright © 2017. Tenable Network Security, Inc. All rights reserved. Tenable Network Security, Nessus, SecurityCenter Continuous View, Passive Vulnerability Scanner, and Log Correlation Engine are registered trademarks of Tenable Network Security, Inc. All other products or services are trademarks of their respective owners.