Configuring Sample Rulebases
To configure the sample rulebases to be used with Hawk:
- Go to CONFIG_HOME/hkam/<host_instance_name>/scripts.
- Edit configure-hkam.properties to specify the following variables:
- Run the configure script from the command line:
Note: By default, the admin_emsconfig_password in the tct-install.properties file has empty value. Therefore configure scripts will generate empty password in hawkems-<host_name>.hma file. To pick up a non-empty EMS password, modify the value admin_emsconfig_password in the tct-install.properties file, and rerun the configure script to generate the .hma file. Alternatively, you can manually update the value of -encryptedPassword with the value of ${password} in hawkems-<host_name>.hma file.
<arg>-encryptedPassword</arg> <arg>${password}</arg> - Configure the CLEvent Publisher Microagent.
- Modify the following properties:
- On Windows:
Launch tibhawkconfig.exe, and in the Agent tab, add or modify the following properties:
a. Set the Autoconfiguration Directory as CONFIG_HOME/hkam/<host_instance_name>/rulebases
b. Set the value of Plugins as CONFIG_HOME/hkam/<host_instance_name>/plugin
c. Set the variables file as CONFIG_HOME/hkam/<host_instance_name>/data/Hawk-amx_variables.properties
- On UNIX:
Edit HAWK_CONFIG/bin/hawkagent.cfg to configure the following properties:
a. hma_plugin_dir "CONFIG_HOME/hkam/<host_instance_name>/plugin"
b. variables "CONFIG_HOME/hkam/<host_instance_name>/data/Hawk-amx_variables.properties"
c. auto_config_dir "CONFIG_HOME/hkam/<host_instance_name>/rulebases"
- On Windows:
Start Hawk HMA, Hawk Agent, Hawk Display and so on, as appropriate for your platform.