Deployment Guide
Creating a rule for a flow
To accommodate creating a rule for a flow, mapsRule accepts a flow name as
a value for the -group parameter. The following example illustrates the
structure.
switch246:FID24:admin> mapsrule --create check_crc2 -monitor crc -group MyFlow -t
min -op g -value 15 -action raslog -policy daily_policy2
Modifying a MAPS policy rule
You can modify only user-defined MAPS policy rules. You cannot modify the default MAPS policy
rules.
To modify a user-defined MAPS policy rule, complete the following steps.
1. Enter mapsRule --show rule_name to display the rules, so you can identify the rule you want to
modify.
2. Enter mapsRule --config followed by the parameters you are changing to modify the rule.
NOTE
You only need to specify the parameters you are changing. Any parameters you do not specify are
not changed.
3. Optional: Enter mapsRule --show to display the updated rule.
4. If the rule is included in the active policy you must re-enable the policy using mapsPolicy --enable
policy policy_name for the modified rule to take effect.
Changing one parameter
The following example changes the time base for a rule from minutes to hours.
switch:admin> mapsrule --show check_crc
Rule Data:
----------
RuleName: check_crc
Condition: critical_ports(crc/minute>5)
Actions: raslog
Policies Associated: daily_policy
switch:admin> mapsrule --config check_crc -timebase hour
switch:admin> mapsrule --show check_crc
Rule Data:
----------
RuleName: check_crc
Condition: critical_ports(crc/hour>5)
Actions: raslog
Policies Associated: daily_policy
Modifying a MAPS policy rule
58 Monitoring and Alerting Policy Suite Administrator's Guide
53-1003147-01