Critical System Protection ImportFileList function

Article:TECH194497  |  Created: 2012-08-06  |  Updated: 2012-08-30  |  Article URL http://www.symantec.com/docs/TECH194497
Article Type
Technical Solution

Product(s)

Environment

Issue



This article explains how to use the File Import List functionality in Symantec Critical System Protection (SCSP).


Solution



The File Import List functionality allows a list to be saved in a location on the Agent (Endpoint) machine, which is read into policies during the policy translation process. 

On the manager, instead of typing a list of users, groups, IP addresses, registry keys or application locations into a policy, one can instead point to a location on the Agent where this list will be saved.

This allows an administrator of a machine to add their own list of users, groupos, applications, IP addresses, etc. at the endpoint, which can prove to be much more efficient than having all of these centrally entered.  It also allows a group of like machines to share the same asset folder in the manager, but have different lists applied to each machine.

The maximum size for any list is 100 lines.  If you need more than 100 lines, you will need to break the list up into separate lists, and enter each list into the policy.

For example, to add a list of applications to a policy follow these steps:

  1. Create a .txt file listing the full paths of each application that you would like to be imported on-the-fly.  Each file path path needs to be on a separate line.
  2. Save the file on the Asset/Endpoint machine where you want the list to be imported to.  Note the file path to this .txt file.
  3. In the manager, edit the policy that you will be assigning to the Asset/Endpoint that you saved the .txt file to.
  4. In any section of the policy where you want this list to be imported, use the following syntax to point the policy to the file you want imported:
    •  %?ImportFileList(<PathToFile>)?%
    • For example:  %?ImportFileList(c:\userlist.txt)?%
    • To make the file optional, enter a minus sign before the file list syntax like this "-%?ImportFileList(<PathToFile>)?%" .  That way, if the list is not found, then the policy application will not fail. 
  5. If you want to use "ALL" for an IP address range, then you can use either of these two CIDR format IPv4 addresses in the list:  0.0.0.0/0 or 255.255.255.255/32

 




Article URL http://www.symantec.com/docs/TECH194497


Terms of use for this information are found in Legal Notices