RPF_CHECK - Rule Processing Framework
The RPF_CHECK extractor could be used to define number of system/server checks (profile parameters, TP parameters, etc) which could be then monitored. Out of the box it is possible to monitor System Security Baseline using the set of predefined rules/checks distributed together with add-on installation files. Extractor is not active by default. Security Baseline content pack need to be imported before extractor is activated.
Potential Use Cases
This event could be used in the following scenarios:
Security Baseline monitoring
Custom configuration parameter monitoring
The filter is available following the menu option below:
Administrator → Metric Filters->More->Rule Processing Filter
On the left side it is possible to select/drill-down into necessary rule group (by double-click). The list of rules are shown on the right side of the screen. ‘Security Baseline’ content pack could be imported using ‘Import’ button.