Describe
The library should cover simple maintenance tasks like
1) Removing the old triggered alarms:
OK: This can be done with AlarmManager
2) Removing older reports
I don't think so.
3) Creating a ESM Settings backup
I don't think so.
4) Creating a Full Data backup.
Andy's code should be imported to the ESM object to create a start_full_backup() method maybe.
5) Removing the older Settings back up files:
I don't think so.
6) Removing the older full back up files locally stored in the ESM
I don't think so.
7) Performing a dummy write and policy rollout
Not yet, See #96
8) Running Cron jobs to capture hardware faults, device health status, available disk space in the partitions like checking the index_hd and data_hd available space, swap memory, load average CPU utilization, RAM utilization etc.
Ok: This can be done with ESM object
9) Performing manual rules update if automatic rules update is not enabled.
I don't think so.
Describe The library should cover simple maintenance tasks like
1) Removing the old triggered alarms: OK: This can be done with
AlarmManager
2) Removing older reports I don't think so. 3) Creating a ESM Settings backup I don't think so. 4) Creating a Full Data backup. Andy's code should be imported to theESM
object to create astart_full_backup()
method maybe. 5) Removing the older Settings back up files: I don't think so. 6) Removing the older full back up files locally stored in the ESM I don't think so. 7) Performing a dummy write and policy rollout Not yet, See #96 8) Running Cron jobs to capture hardware faults, device health status, available disk space in the partitions like checking the index_hd and data_hd available space, swap memory, load average CPU utilization, RAM utilization etc. Ok: This can be done withESM
object 9) Performing manual rules update if automatic rules update is not enabled. I don't think so.SIEM and msiempy versions:
Additional context Ticket open after review of this thread: https://community.mcafee.com/t5/Security-Information-and-Event/Periodic-ESM-Maintenance-Tasks/m-p/672378/highlight/false#