This recipe demonstrates how to download a map- or dig-config file and create a snapshot through a command pipeline using ftimes.sourceforge.net as the Integrity Server. Once the scan is complete, ftimes will upload the snapshot to the Integrity Server using a RunType of linktest. The RunType control may be set to baseline, snapshot, or linktest. If it is set to linktest, the uploaded data will be discarded once received. This recipe assumes that 1) all local commands are in the search path and will be executed from a Bourne shell; 2) the local operating system is a supported flavor of UNIX or NT; and 3) the local host can establish a connection to ftimes.sourceforge.net over HTTP. 1. Create the following get-config file, and name it get.cfg. The following command allows you to automatically create this file. sed -e '1,/^--- get.cfg ---$/d; /^--- get.cfg ---$/,$d' ftimes-get-write-cfg-to-ftimes.txt > get.cfg --- get.cfg --- BaseName=T001_HELP_0001_1 GetAndExec=N URLGetURL=http://ftimes.sourceforge.net/cgi-bin/nph-ftimes.cgi URLUsername=T001_HELP_0001_1 URLPassword=triage URLAuthType=basic URLGetRequest=MapConfig --- get.cfg --- Note: If you wish to download a dig-config file instead of a map-config file, set URLGetRequest to 'DigConfig'. 2. Create a directory called scandir and insert a file called scanfile. For UNIX: mkdir scandir echo xyz > scandir/scanfile For NT: md scandir echo xyz > scandir\scanfile 3. Execute ftimes using the provided command. Output should be comparable to that depicted below. ftimes --getmode get.cfg -l 6 | ftimes --mapfull - scandir Note: The -l 6 argument suppresses log messages for the getmode invocation. This was done to isolate the log output created by the mapfull invocation. Note: FTimes must be run in --mapfull mode if URLGetRequest was set to MapConfig. Likewise, it must be run in --digfull mode if URLGetRequest was set to DigConfig. --- output --- <<< EXECDATA >>>|Program=ftimes 3.0.0 ssl --mapfull <<< EXECDATA >>>|SystemOS=i386 FreeBSD 4.2-RELEASE <<< EXECDATA >>>|Hostname=utopia.ir.exodus.net +++ LANDMARK +++|Stage1=MapModeInitialize +++ LANDMARK +++|Stage2=MapModeCheckDependencies +++ LANDMARK +++|Stage3=MapModeFinalize <<< PROPERTY >>>|BaseName=T001_HELP_0001_1 <<< PROPERTY >>>|Compress=N <<< PROPERTY >>>|FieldMask=ALL-magic <<< PROPERTY >>>|HashDirectories=N <<< PROPERTY >>>|LogDir=/tmp/recipes <<< PROPERTY >>>|MapRemoteFiles=N <<< PROPERTY >>>|NewLine=LF <<< PROPERTY >>>|OutDir=/tmp/recipes <<< PROPERTY >>>|RequirePrivilege=N <<< PROPERTY >>>|RunType=linktest <<< PROPERTY >>>|URLPutSnapshot=Y <<< PROPERTY >>>|URLPutURL=http://ftimes.sourceforge.net:80/cgi-bin/nph-ftimes.cgi <<< PROPERTY >>>|URLCreateConfig=Y <<< PROPERTY >>>|URLUnlinkOutput=N <<< PROPERTY >>>|URLAuthType=basic <<< PROPERTY >>>|URLUsername=T001_HELP_0001_1 <<< PROPERTY >>>|URLPassword=######## <<< PROPERTY >>>|SSLVerifyPeerCert=N <<< PROPERTY >>>|SSLUseCertificate=N <<< PROPERTY >>>|Include=/tmp/recipes/scandir <<< PROPERTY >>>|Exclude=/tmp/recipes/T001_HELP_0001_1_20020226181302.log <<< PROPERTY >>>|Exclude=/tmp/recipes/T001_HELP_0001_1_20020226181302.map +++ LANDMARK +++|Stage4=MapModeWorkHorse +++ LANDMARK +++|Stage5=MapModeFinishUp <<< MODEDATA >>>|LogFileName=/tmp/recipes/T001_HELP_0001_1_20020226181302.log <<< MODEDATA >>>|OutFileName=/tmp/recipes/T001_HELP_0001_1_20020226181302.map <<< MODEDATA >>>|OutFileHash=94ca902d75defbe7e8160ba0a385ff21 <<< MODEDATA >>>|DataType=map <<< MODEDATA >>>|DirectoriesEncountered=1 <<< MODEDATA >>>|FilesEncountered=1 <<< MODEDATA >>>|SpecialsEncountered=0 <<< MODEDATA >>>|AnalysisStages=Digest <<< MODEDATA >>>|ObjectsAnalyzed=1 <<< MODEDATA >>>|BytesAnalyzed=4 <<< MODEDATA >>>|CompleteRecords=2 <<< MODEDATA >>>|IncompleteRecords=0 <<< EXECDATA >>>|Warnings=0 <<< EXECDATA >>>|Failures=0 <<< EXECDATA >>>|RunEpoch=2002/02/26 18:13:02 GMT <<< EXECDATA >>>|Duration=1 --- output --- 4. The following command will extract this recipe to a script file suitable for execution. sed -e '1,/^--- script ---$/d; /^--- script ---$/,$d' ftimes-get-write-cfg-to-ftimes.txt > ftimes-get-write-cfg-to-ftimes.sh --- script --- #!/bin/sh if [ ! -d scandir ]; then mkdir scandir; fi echo xyz > scandir/scanfile ( echo "BaseName=T001_HELP_0001_1" echo "GetAndExec=N" echo "URLGetURL=http://ftimes.sourceforge.net/cgi-bin/nph-ftimes.cgi" echo "URLUsername=T001_HELP_0001_1" echo "URLPassword=triage" echo "URLAuthType=basic" echo "URLGetRequest=MapConfig" ) | ftimes --getmode - -l 6 | ftimes --mapfull - scandir --- script ---