Getting Started with Custom Content

Configuration Manager uses several components (collectively referred to as content) to collect data, manage change, and measure compliance:

  • Rules identify specific data collected from a Cloud Account during a Scan. Inventory Rules collect data used to validate configurations and manage change. Policy Rules collect data that is evaluated by Policies to measure compliance.

  • Rule Groups organize Inventory Rules based on the type of Cloud Accounts they monitor.

  • Policies evaluate data collected by Policy Rules and uses it to measure compliance. Each Policy contains one or more levels of Policy Test Groups, which organize Policy Tests.

  • Policy Tests are the smallest unit of compliance measurement in CM, and they assign a pass/fail result to a single, specific configuration setting.

Tripwire provides ready-to-use content for most common cloud providers and applications. You can also customize Tripwire Rules, Policies, or Policy Tests or create new ones to change the way that Configuration Manager gathers and tests data. The right approach depends on what you want to accomplish:

  • To scan something new, create a new Rule to collect the data you want. If you also want to test for compliance, you will need to link the new Rule to a new or existing Policy to evaluate that data. See Working with Rules for more information.
  • To change the way that CM checks for compliance, you can duplicate an existing Policy and then customize the new Policy. This is the best approach if Configuration Manager is already collecting the data you need, and you just need to change compliance settings (password length, etc). See Working with Policies for more information.
  • To change the responses available when a test fails or a change is discovered, you can create or edit a Policy Response or Change Response. These are both types of Custom Scripts.
  • To monitor types of Cloud Accounts that aren't currently supported, you can create an Account Login Custom Script to access the account, and then create one or more Custom Rules to monitor it.