To fully use this screen, you must add the following permission to your account:
- In the Armor Management Portal (AMP), in the left-side navigation, click Security.
- Click File Integrity Monitoring.
For Armor Complete, the name of the virtual machine you created in AMP.
For Armor Anywhere, the name of the instance that contains the installed Anywhere agent, which includes the FIM subagent.
For Armor Complete, the entry will display Armor.
For Armor Anywhere, the name of the public cloud provider for the instance.
The health status of the subagent, which is based on how long the FIM subagent has been offline.
There are three status types:
The connection status of the subagent.
There are three connection types:
The date and time that the FIM subagent last communicated with Armor.
To learn how the overall FIM status is determined, see Understand FIM data.
In the File Integrity Monitoring screen, the dashboard displays the various FIM statuses of your virtual machines (or hosts):
- Green indicates a virtual machine in a Secured FIM status.
- Yellow indicates a virtual machine in a Warning FIM status.
- Red indicates a virtual machine in a Critical FIM status.
Armor determines the status of FIM based on how long FIM has been offline.
- If FIM is offline for 2 to 7 days, then the FIM status changes from Secured to Warning.
- If FIM is offline for 8 days or more, then the FIM status changes from Warning to Critical.
Length of offline status
|2 to 7 days||Warning|
|8 days or more||Critical|
The overall status of your virtual machine is based on the individual status of your virtual machine's subcomponents, includingFIM.
The File Integrity Monitoring details screen displays the changes that has been detected in certain files in your virtual machine. This screen only shows data for the last 90 days.
In the Armor Management Portal (AMP), in the left-side navigation, click Security.
Click File Integrity Monitoring.
Locate and select the desired virtual machine.
The name of the file where a change was detected.
A short summary of the change that took place.
The type of change that took place in the file.
|Scan Date||The date when the change was detected.|