Running the Verify
The first thing you will want to do is to run an InitCatalog level Verify Job. This will initialize the Catalog to contain the file information that will later be used as a basis for comparisons with the actual file system, thus allowing you to detect any changes (and possible intrusions into your system).
The easiest way to run the InitCatalog is manually with the Console program by simply entering run. You will be presented with a list of Jobs that can be run, and you will choose the one that corresponds to your Verify Job, MatouVerify in this example.
The defined Job resources are:
1: MatouVerify
2: kernsrestore
3: Filetest
4: kernsave
Select Job resource (1-4): 1
Next, the console program will show you the basic parameters of the Job and ask you:
Run Verify job
JobName: MatouVerify
FileSet: Verify Set
Level:
Catalog
Client:
MatouVerify
Storage: DLTDrive
Verify Job:
Verify List: /tmp/regress/working/MatouVerify.bsr
OK to run? (yes/mod/no): mod
Here, you want to respond mod to modify the parameters because the Level is by default set to Catalog and we want to run an InitCatalog Job. After responding mod, the Console will ask:
Parameters to modify:
1: Level
2: Storage
3: Job
4: FileSet
5: Client
6: When
7: Priority
8: Pool
9: Verify Job
Select parameter to modify (1-5): 1
you should select number 2 to modify the Level, and it will display:
Levels:
1: Initialize Catalog
2: Verify Catalog
3: Verify Volume to Catalog
4: Verify Disk to Catalog
5: Verify Volume Data
Select level (1-4): 1
Choose item 1, and you will see the final display:
Run Verify job
JobName: MatouVerify
FileSet: Verify Set
Level:
Initcatalog
Client:
MatouVerify
Storage: DLTDrive
Verify Job:
Verify List: /tmp/regress/working/MatouVerify.bsr
OK to run? (yes/mod/no): yes
at which point you respond yes, and the Job will begin.
Thereafter, the Job will automatically start according to the schedule you have defined. If you wish to immediately verify it, you can simply run a Verify Catalog which will be the default. No differences should be found.
To use a previous Job, you can add jobid=xxx
option in run command line.
It will run the Verify Job against the specified Job.
*run jobid=1 job=MatouVerify
Run Verify job
JobName: MatouVerify
Level: Catalog
Client: 127.0.0.1-fd
FileSet: Full Set
Pool: Default (From Job resource)
Storage: File (From Job resource)
Verify Job: MatouVerify.2010-09-08_15.33.33_03
Verify List: /tmp/regress/working/MatouVerify.bsr
When: 2010-09-08 15:35:32
Priority: 10
OK to run? (yes/mod/no):
See also
Go back to:
Go to:
Go back to the Using Verify Jobs to Improve Computer Security chapter.
Go back to the main Advanced Features Usage page.