Complete the following steps to activate the rule set delivered with the latest version of UNIX Agent Manager on your agent computers. These rules configure the event detection and alerting daemon to send events to Sentinel.
To deploy rule sets to agent computers:
Start the UNIX Agent Manager.
Click Rules Manager.
Make any changes you want to make to the default rule set displayed in the Rule Manager, customize the rule set as needed until the rule set is correctly configured for your environment.
After you made changes to the rule set, save a copy by clicking FileĀ > Save/Save All and completing the Save window.
In the Available Hosts list, select the agent computers where you want to deploy the rule set.
Click File > To Select Hosts.
Click Select to deploy the rule set. The detectd process, which is a watchdog process, begins processing and initializing the new rule set immediately. However, it may take up to 30 seconds for the new rule set to take effect.
Click Hosts > Scan All Hosts.
Verify that the rule set is active on the agent computers. The Sentinel column shows green cells for all agents with an active rule set.