Linux and UNIX systems: Configuring an Inspection Engine

Configure or modify an inspection engine in the S-TAP Control pane.

Before you begin

You must be logged in to the Guardium system that manages the S-TAP.

About this task

Do not configure an S-TAP inspection engine to monitor network traffic that is also monitored directly by a Guardium system that is hosting the S-TAP, or by another S-TAP reporting to the same Guardium system. That would cause the Guardium system to receive duplicate information: it would not be able to reconstruct sessions, and would ignore that traffic.

Procedure

  1. Navigate to Manage > Activity Monitoring > S-TAP Control.
  2. In the row of the S-TAP, click edit S-TAP configuration. The S-TAP Configuration window opens.
  3. Scroll to the bottom of the inspection engines, and click show new inspection engine next to Add Inspection Engine....
  4. Select the protocol and enter the port range. The window refreshes with the relevant parameters, some with their default values.
  5. Configure all required parameters, and click Add. If you are missing parameters, the system informs you what is missing.
Parent topic: Linux and UNIX systems: Configuring S-TAP
Related reference:
Linux and UNIX systems: Inspection engine parameters