Compliance Management › Working with Compliance Jobs › Run Compliance Job using Live Browse

Run Compliance Job using Live Browse

To automate the discovery and compliance processes as an administrator, you can:

• Browse the objects (File System, Windows Registry, Windows Services, and Group Policies) in a compliant server.
• Create compliance rules for the selected objects.
• Run the compliance job for the selected service, servers, or server groups.
• Run the remediation job to remediate non-compliant objects on services, servers, or server groups using the Remediation Job tab.

When a compliance job is created using the Live Browse option, the following objects are created:

• Rule Group: Assume that the rule group is created with the name Rule Group 1.
• Blueprint: The new blueprint name is created as <Rule Group 1>_<Milliseconds since January 1, 1970, 00:00:00 GMT>
• File Structure Classes: The new file structure classes are created as '<Rule Group 1>_<Milliseconds since January 1, 1970, 00:00:00 GMT> (Services)' and '<Rule Group 1>_<Milliseconds since January 1, 1970, 00:00:00 GMT> (Group Policies)'

Note: You can filter the live browse objects using the Is Live Browse option from the respective Rule Group, Blueprint, or File Structure Classes tables.

Create a Rule Group using Live Browse

You can browse and create the compliance rules for the objects in the server. After you create the rules, you can run compliance jobs on the selected servers and can remediate the failed rules, if necessary.

Follow these steps::

1. Click Tasks, Run Compliance Job, then click Next.
2. Click Create New Compliance Job and then click Next.
3. Enter the required information, then click Create New Rule Group with Live Browse.
4. Enter the required information, then click Next.
5. Click the Browse button and select the server from Server drop-down list in the Browse Server dialog.
6. Select the required objects, click Add, click Close, then click Save.

   The Rules tab displays for the selected object.

7. On the Rules tab, select the Create Rule option from the Table Actions drop-down list.
8. Complete the information that is required to create the rules for the object, then click Save.

   Note: See Create Rules using Scripts for more information.

9. Select the services, servers, and server groups on which you want to apply the rules.
10. Follow the wizard and complete one of the following actions:
    1. Select Now to run the compliance job immediately
    2. Select a scheduling option.
11. To view the results, click Log and select the Rule Compliance tab.

Remediate Failed Rules for Compliance Jobs

To remediate failed rules for the compliance job, use the Remediation tab. The remediation job runs for the included steps and updates the values that were provided during the rule creation.

Follow these steps:

1. Select the required server, then select the remediation steps to exclude.
2. From the Select Actions drop-down list, select the Delete Steps option.
3. Click Run Remediation Job.

Create Rules using Scripts

You can use the Custom Scripts option to define scripts for Rule Compliance, Remediation, and Undo Remediation. You can include parameters, global and context variables (for example, DiscoveredPath and OSSERVICENAME) in scripts and can replace the variable values at run time.

Follow these steps:

1. Follow the steps 1 through 6 in Create a Rule Group using Live Browse.
2. From the Constraint Type drop-down list, select the Custom Script option.
3. Click Editor and add a custom script or update an existing script.

   Similarly, you can use the editor in the Remediation section to add or update remediation scripts.

Example: Create Rule for Group Policy

Assume a requirement to set a Minimum Password Length (for example, 4) that complies with to the Security Settings policy for a server.

Follow these steps:

1. Complete steps 1 through 5 in the Create a Rule Group using Live Browse section.
2. From the Group Policies tab, select Minimum Password Length under Security Settings.
3. Click Add, click Close, and click Save.

   The Rules tab displays for Minimum Password Length.

4. From the Table Actions drop-down list, select Create Rule.
5. Enter a name and value (for example, '4'), then click Next.
6. Select the servers on which to apply the rules.
7. Follow the wizard, select Now to run the compliance job immediately, then click Finish.

   The compliance job runs for the selected servers and displays a success message.

8. Click the success message, select the Tree or Flat Table tab, and view the results.