In the [seoswd] section, the tokens determine the behavior of the Watchdog.
Specifies whether to protect the AgentManager daemon.
Default: no
Specifies the interval when the watchdog checks if the Agent Manager daemon is running or not.
Default: 10 minutes
Specifies the interval, in seconds, that the watchdog waits for a response from the main daemon. When elapsed, the watchdog sends a signal to the main daemon.
Default: 60 seconds
Defines the location of the backup debug messages file.
Default: CA ControlMinder product log directory
Defines the number of debug backup files to save.
Values: A positive number
Default: 2
Defines the location of the file to which seoswd debug messages are written.
Default: /log/seoswd_debug under CA ControlMinder product directory
Defines the lowest level of debug messages to save. The level of the value set and all levels above are saved.
Values: Disabled (no messages are saved), Critical, Very High, High, Normal., Low
Default: Critical
Defines the maximum size in MBs of the debug messages file.
Values: A positive number
Default: 256
Specifies whether to scan programs and files at specific intervals.
If the token value is no, then the watchdog performs interval scanning; if yes, then it does not scan at intervals.
Note: If you do not specify the scan times with the PgmTestTime or SecFileTestTime tokens, and this token is set to yes, then the watchdog does not scan trusted programs or secured files respectively.
Default: no
Specifies the period, in seconds, after the last event and before checking programs again. The program rests to prevent system overload.
Default: 10 seconds
Specifies the time interval, in seconds, between the rescanning of trusted programs.
Note: If the value equals or is greater than one day (86400 seconds) then IgnoreScanInterval defaults to yes.
Default: 18000 seconds (five hours)
Specifies the start time, in hh:mm format, of the first trusted program scan.
Default: If you do not set this token, the Watchdog performs the first scan shortly after startup.
Specifies fixed scan times, in hh:mm format, for trusted programs. You can specify more than one scan time by separating them with spaces.
Default: If you do not specify scan times, and you set the IgnoreScanInterval token to yes, then the Watchdog does not scan trusted programs.
Specifies the interval, in seconds, to verify that the policyfetcher daemon is running.
Default: 600
Specifies the process critical handle count. The watchdog restarts the process when the critical handle count is exceeded.
Valid Values: 0 (disables token), 800 (minimum value)
Default Value: 1500
Specifies the high watermark for the process handle count. The watchdog restarts the process during the restart hours when the defined handle count is exceeded.
Valid Values: 0 (disables token), 800 (minimum value)
Note: The token is disabled if the value is greater than ProcHandlesCritical value.
Default Value: 1000
Specifies the hours when the watchdog restarts the high handle count process.
Valid Values: 0 - 23 (value in hours)
Default Value: 0 - 5
Specifies the process critical memory size in megabytes. The watchdog restarts the process immediately when the specified limit is exceeded.
Default Value: 500 MB
Specifies the high watermark for process memory size. The watchdog restarts during the restart hours.
Default Value: 300 (value in megabytes)
Specifies the interval, in seconds, between the process performance counters verification. The watchdog checks the following processes:
Default: 900 seconds
Specifies the time interval, in seconds, between successive reads by the Watchdog of the seos.ini tokens.
Default: 86400 (one day)
Specifies the period, in seconds, after the last event and before checking secured files again. In order to prevent system overload, the Watchdog rests.
Note: If you do not specify scan times, and you set the IgnoreScanInterval token to yes, then seoswd does not scan secured files.
Default: 10
Specifies the time interval, in seconds, between the rescanning of secured files.
Default: 36000 (ten hours)
Specifies the start time, in hh:mm format, of the first scan of secured files.
Default: If no value is given, the Watchdog performs the first scan a short time after the CA ControlMinder daemons start.
Specifies fixed scan times, in hh:mm format, for secured files. You can specify more than one scan time by separating them with spaces.
Default: N/A
(UNIX only) Specifies the time interval, in seconds, between the Watchdog checks of the daemon seosd ("Are you there?").
Important! Do not modify this token by yourself because an incorrect value may cause major problems in CA ControlMinder's operation. For assistance, contact CA Support at http://ca.com/support.
Default: 60
Specifies the interval, in seconds, between scans after a HUP signal triggers a one‑time scan on demand, to protect the system against overload.
Note: Scan on demand is performed both on trusted programs and secured files.
Default: 60
Determines whether the Watchdog should attempt to untrust a program or file, even though it cannot find it. For example, if the file was deleted or the relevant NFS partition is not mounted.
yes—Attempt to untrust the missing file.
no—Do not attempt to untrust the missing file.
Default: yes
Specifies whether to protect the authentication daemon.
Values: yes, no
Default: no
Specifies the interval, in seconds, to verify that the authentication daemon is running.
Default: 600
Specifies whether CA ControlMinder Watchdog checks the time of the last file status change of trusted programs and secure files.
Valid Values: yes, no.
Default: no
Specifies the pipe server name which communicates with the watchdog.
Default: WatchdogRequests
Copyright © 2013 CA Technologies.
All rights reserved.
|
|