« Back to CA NFA Main Page
How to Mass Import Application Defintions in RA
Please create a Back up of tables listed below before making any changes to your RA and Harverster databases
Database to select from RA: reporter
Table to backup: application_mappings
Database to select on Haverster: Harvester
Tables to back up: app_map_net; app_map; app_map_server;
I find that it is better to add the First entry manually into application definitions by doing that the software will create the protocol group based on the name that you define for the application definitons
There are three rule types that you can use to create an Application Defintion Mapping
Rule 1 = Server
Syntax for Rule 1 below query is needed if you have only server ip and nothing else
insert INTO application_mappings (description, protocol, tos, ip, mask, beginPort, endPort, newPort, ruleType) values ('network',6,-1,'10.10.10.18',32,-1,-1,65463,'Server');
or if you have IP and begining port
Insert INTO application_mappings (description, protocol, tos, ip, mask, beginPort, endPort, newPort, ruleType) values ('network',6,-1,'10.10.10.18',32,9999,-1,65463,'Server');
Rule 2 = Server Protocol
Syntax for Rule 2
insert INTO application_mappings (description, protocol, tos, ip, mask, beginPort, endPort, newPort, ruleType) values ('server',6,-1,'10.10.10.16',32,445,446,65461,'ServerProtocol');
Rule 3 = Subnet Protocol
Syntax for rule 3
insert INTO application_mappings (description, protocol, tos, ip, mask, beginPort, endPort, newPort, ruleType) values ('Netflow',17,-1,'10.252.28.0',24,9995,-1,65464,'SubnetProtocol');
Steps to verify if the query worked without anyproblems:
- View to see if the application defintion shows up in the Web GUI
- Verify after 5 minutes or so on the harvester
select * from app_map_net; select * from app_map;
select * from app_map_server; - If your appllication defintions does not show up on any of the harvester tables, you use this command on RA to manually update the push to harvester
replace into system_settings ( Parameter, Value ) values ( 'applicationMappingLastModified', unix_timestamp() );