To get to this page: Select Controls from the left menu. Go to New > Control. Click the Windows Control Types tab. Click Get Started for the File Integrity control type. (Or click edit for any control of this type you want to change.)
The Windows File Integrity Check control type checks for changes in specified files on a Windows system.
Once saved, the service will assign the control a unique control ID (CID). The CID is visible when you edit the control and when you view Technical Control Information from the controls list.
Note: File integrity monitoring requires a setting in the compliance profile. See Compliance Profile: Scan Options.
In the General Information section, provide basic information for the control, including a control statement and category. See General Information for details.
In the Scan Parameters section, specify the scan parameters that the scanning engine will use to gather data for the control. The scan parameters combined make up a single data point. You must also enter a description for the data point, which will appear in compliance policies and reports
File/Directory path. Enter the full directory path to the file on your windows system that will be checked.
Hash Type. Select the hash type that identifies the algorithm to be used for computing the file hash: MD5, SHA-1, or SHA-256.
Data Type. (View only) The data type of the value returned by the scanning engine. For a file integrity check control this is set to "String" by default.
Description. Enter a description for the custom control which will appear in compliance policies and reports.
Click Add Parameters to add parameters and close the Scan Parameters window. You will notice the Edit Parameters button is available. Click this button to edit parameters before saving the control. Once the control is saved, only the description can be updated.
See also:
Add/Edit Scan Parameters in a New Control
Update the Data Point Description in an Existing Control
In the Control Technologies section, identify the technologies applicable to the control. For each technology, provide a rationale statement and set the default control value.
Rationale. Enter a rationale statement describing how the control should be implemented for each technology.
Operator. (View only) The expected value for a file integrity control must be specified as a regular expression.
Default Value. The initial regular expression value for a file integrity control is ".*" (period asterisk) for "any value". Once you have run a scan using the control, and generated a compliance report, you can copy the actual value from the resulting report into the Default Value field of the control. Any changes to the file will indicated on subsequent compliance reports.
In the References section, add or remove references to internal policies and documents. See References for details.