
Periodic ESM Maintenance Tasks with API

Open tristanlatr opened this issue 4 years ago • 0 comments

Describe: The library should cover simple maintenance tasks like:

  1. Removing the old triggered alarms: OK: This can be done with AlarmManager
  2. Removing older reports: I don't think so.
  3. Creating an ESM Settings backup: I don't think so.
  4. Creating a Full Data backup: Andy's code should be imported to the ESM object to create a start_full_backup() method maybe.
  5. Removing the older Settings backup files: I don't think so.
  6. Removing the older full backup files locally stored in the ESM: I don't think so.
  7. Performing a dummy write and policy rollout: Not yet, see #96
  8. Running cron jobs to capture hardware faults, device health status, available disk space in the partitions (like checking the index_hd and data_hd available space), swap memory, load average, CPU utilization, RAM utilization, etc.: OK: This can be done with ESM object
  9. Performing manual rules update if automatic rules update is not enabled: I don't think so.

SIEM and msiempy versions:

  • msiempy: 0.3.5

Additional context: Ticket opened after review of this thread: https://community.mcafee.com/t5/Security-Information-and-Event/Periodic-ESM-Maintenance-Tasks/m-p/672378/highlight/false#

tristanlatr, Nov 15 '20 22:11