Uploading a Policy Configuration for Offline Analysis

Once you have obtained a policy configuration file, you can upload it to SecureTrack, as a revision for a device configured for Offline Analysis, as follows:

  1. Do one of the following:
    • Go to Manage Devices. In the device tree, select the relevant device. Click Import configuration:

      Import config

    • In Compare view, in the device tree, select the relevant device. Click Upload Configuration:

      upload config

  2. Navigate to the policy configuration file, and click Open.

The revision will appear after a few minutes in Compare view.

Alternatively, you can upload a policy configuration file to SecureTrack using CLI, as follows:

  1. Get into the device-collector pod. 

    kubectl exec -it deployment/device-collector -c device-collector -- bash

  2. Get the ID of the offline device:

    [<ADMIN> ~]# st stat
    st stat

  3. Exit the pod:

    [<ADMIN> ~]# exit
    exit

  4. Run the following command to get the ID of the cgi-server. If there are multiple IDs, use the first one:

    kubectl get pods | grep cgi-server
    kubectl get pods | grep cgi-server

  5. From the SecureTrack host, copy the policy configuration file to the cgi-server pod:

    kubectl cp <POLICY_CONFIGURATION_FILE_NAME> <cgi-server-id>:/usr/local/st/offline_analysis/offline<ID> -c cgi-server
    kubectl cp <POLICY_CONFIGURATION_FILE_NAME> <cgi-server-id>:/usr/local/st/offline_analysis/offline<ID> -c cgi-server

    where

    • <cgi-server-id> is the ID of the cgi-server that you obtained in step 3.

    • <ID> is the ID of the offline device you obtained in step 2.

  6. Connect to the cgi-server pod:

    kubectl exec -it <cgi-server-id> -- bash
    kubectl exec -it <cgi-server-id> -- bash

  7. Run the following command:

    st restart <ID>
    st restart <ID>

    8. where <ID> is the ID# from step 2.

The revision will appear after a few minutes in the Compare view.

The CLImethod is not relevant for remote collectors.