Sindbad~EG File Manager

#
# DO NOT MODIFY THIS FILE
#

# The directory where auoms stores data files
#
#data_dir = /var/opt/microsoft/auoms/data

# The directory where auoms places transient file like the input.socket file
#
#run_dir=/var/run/auoms

# The path to the unix domain socket where auoms will listen for connections from the collector
#
# Default is ${run_dir}/input.socket
#input_socket_path = /var/run/auoms/input.socket

# The path to the unix domain socket where auoms will report status
#
# Default is ${run_dir}/status.socket
#status_socket_path = /var/run/auoms/status.socket

# The key added to all rules that auoms sents to the kernel audit system
#
#rule_key_name = auoms

# The directory where auoms looks for audit rules files
#
#rules_dir = /etc/opt/microsoft/auoms/rules.d

# The directory where auoms looks for output config files
#
#outconf_dir = /etc/opt/microsoft/auoms/outconf.d

# The path to the auditd binary installed by the auditd package
#
#auditd_path = /sbin/auditd

# The path to the auomscollector binary
#
#collector_path = /opt/microsoft/auoms/bin/auomscollector

# The path to the config file for auomscollect
#
#collector_config_path = /etc/opt/microsoft/auoms/auomscollector.conf

# The path to the event queue file. The event queue file is used to persist
# events that have been received from the collector. When the input queue
# is full, the oldest events are removed to make room for new events.
#
# Default is ${data_dir}/queue.dat
#queue_file = /var/opt/microsoft/auoms/data/queue.dat

# The size of the event queue file.
#
#queue_size = 10485760

# Allowed output socket dirs. The output socket path identified in the output
# conf file must be under one of the dirs listed in this property.
# The dirs must be ':' separated (just like the PATH environment variable.
#
allowed_output_socket_dirs = /var/run/auoms:/var/opt/microsoft/omsagent

# Process-based event flags.
# Flag events that are generated by processes that match (or their children).
#
process_flags = [
    {
        "exe_prefix": "/opt/microsoft/omsagent/ruby/bin/ruby",
        "arg1_prefix": "/opt/microsoft/omsagent/bin/omsagent",
        "flags": 4,
        "user": "omsagent"
    },
    {
        "exe_prefix": "/opt/microsoft/omsconfig/bin/OMSConsistencyInvoker",
        "flags": 4,
        "user": "omsagent"
    },
    {
        "exe_prefix": "/opt/omi/bin/omiserver",
        "flags": 4,
        "user": "root"
    },
    {
        "exe_prefix": "/usr/bin/python",
        "arg1_prefix": "/usr/sbin/waagent",
        "flags": 2,
        "user": "root"
    },
    {
        "exe_prefix": "/usr/bin/python3",
        "arg1_prefix": "/usr/sbin/waagent",
        "flags": 2,
        "user": "root"
    },
    {
        "exe_prefix": "/usr/bin/dpkg",
        "flags": 1,
        "user": "root"
    },
    {
        "exe_prefix": "/bin/rpm",
        "flags": 1,
        "user": "root"
    }
]

# Controls logging to syslog
#
#use_syslog = true