Create a FAM policy and its rules from scratch for Windows and UNIX servers

Set up file activity monitoring by defining and managing policies and rules in the Policy Builder for Files window.

About this task

Once you open the Policy Builder for Files and additional views within the policy builder, you can toggle between the various views by clicking Policy Builder for Files, New Policy and Create New Rule at the bottom of the page.

You can also create policies and rules using the API.

Procedure

  1. On a standalone or MU, access the FAM policy builder. Go to Protect > Security Policies > Policy Builder for Files.
  2. Click Create new policy to open the New Policy page.
  3. In the Type field, select Windows, Linux, and Unix systems.
  4. In the Policy Name field, type a name for the policy. (You can save the policy once a rule is defined.)
  5. To add existing rules to the policy.
    1. Click Show Templates. The Rule Templates table opens.
    2. Optionally filter the list with the filter function.
    3. Select one or more rules and click the right arrow
  6. To create a new rule.
    1. Click create new rule to open the Create New Rule page.
    2. In the Rule name section, type the name.
    3. In the Choose datasources section, specify a datasource manually, by selecting from a list of datasources, or by selecting a group of datasources. See Datasource and Groups.
    4. In the Define rule criteria to include or exclude file paths, optionally to monitor the subdirectories in the file path or to monitor removable media. See Rule criteria.
    5. In the Define rule action section, define the rule action. See Rule Action.
  7. Click Save.
  8. To modify an existing rule and add it to the policy.
    1. In the New Policy page, click Show Templates.
    2. Under Rule Templates, select the rule and click Copy.
    3. Under Rule, select the rule and clickedit rule, change the name, modify the other attributes as relevant, and click Save.
  9. Change the order of the rules using the reorder rules.
  10. Delete a rule by selecting it and clicking delete rule.
  11. Click Save to save the policy, or Save and Install to install the policy immediately. (See Using the Policy Installation tool.