Integrity Monitoring: General Steps

Use the following steps to configure the Integrity Monitoring module:

  1. Create an IntegrityMonitoringPolicyExtension object and set the property values.
  2. Create a PolicySettings object to configure runtime settings of the module. (See Configure policy and default policy settings.)
  3. Create a Policy object and add the IntegrityMonitoringPolicyExtension and PolicySettings objects.
  4. Use a PoliciesApi object to add or update the policy on Deep Security Manager.

Create an IntegrityMonitoringPolicyExtension object and set the module state:

  • Python:

    policy_config_integrity_monitoring = api.IntegrityMonitoringPolicyExtension()
policy_config_integrity_monitoring.state = "on"

  • JavaScript:

    const integrityMonitoringPolicyExtension = new api.IntegrityMonitoringPolicyExtension();
integrityMonitoringPolicyExtension.state = api.IntegrityMonitoringPolicyExtension.StateEnum.on;

  • Java:

    IntegrityMonitoringPolicyExtension integrityMonitoringPolicyExtension = new IntegrityMonitoringPolicyExtension();
integrityMonitoringPolicyExtension.setState(StateEnum.ON);
Set the rule IDs. Note that the Integrity Monitoring rules that are currently assigned to the policy will be overwritten:

  • Python:

    policy_config_integrity_monitoring.rule_ids = im_rule_ids

  • JavaScript:

    integrityMonitoringPolicyExtension.ruleIDs = imRules;

  • Java:

    integrityMonitoringPolicyExtension.setRuleIDs(ruleIds);

At this point, the integrity Monitoring policy extension is configured. Next, it is added to a Policy object. Then use a PoliciesApi object to modify a policy on Deep Security Manager.

  • Python:

    policy = api.Policy()
policy.integrity_monitoring = policy_config_integrity_monitoring

policies_api = api.PoliciesApi(api.ApiClient(configuration))
modified_policy = policies_api.modify_policy(policy_id, policy, api_version)

  • JavaScript:

    const policy = new api.Policy();
policy.integrityMonitoring = integrityMonitoringPolicyExtension;

const policiesApi = new api.PoliciesApi();
return policiesApi.modifyPolicy(policyID, policy, apiVersion, { overrides: false });

  • Java:

    Policy policy = new Policy();
policy.setIntegrityMonitoring(integrityMonitoringPolicyExtension);

PoliciesApi policiesApi = new PoliciesApi();
Policy modifiedPolicy = policiesApi.modifyPolicy(policyId, policy, Boolean.FALSE, apiVersion);

The policy_id (or policyID) parameter of modifyPolicy identifies the actual policy on Deep Security Manager that is to be modified. This policy is modified according to the policy object that is used as the policy parameter. Any properties of the policy parameter that are not set remain unchanged on the actual policy.