Hi all,
What is the most effective way to migrate ESM Policies, which were used in conjunction with ESM Agents, to CCS Technical Standards for achieving Agentless-only Data Collection?
To my understanding, the "ESM-Policy-to-CCS-Standard" Utility facilitates only the migration process in cases where the customer wishes to maintain its ESM Infrastructure (e.g. by upgrading ESM Agents to CCS Agents).
If this stands true, then I suppose that each ESM Policy should be re-written to a custom CCS Technical Standard by following the check building process. But how can this be feasible when an ESM Policy check's expression is based on the "ESM Message" Evaluation Condition Category and the CCS Standard check's expression is based e.g. on the "UNIX > Groups" Evaluation Condition Category?
For instance, what is the process in order to re-write the expression below:
...in order to substitute it by Evaluation Conditions under the the "UNIX > Groups" Category (see below)?
Is there any reference for mapping e.g. "STKU_NOGROUP" Message String ID of an ESM Policy to CCS Standard Evaluation Conditions? Or should I follow a different approach?
Sorry for the noob question and thanks in advance.
Regards,
V.