How to check out if Real-Time File Integrity Monitoring is enabled or not ?
File integrity monitoring can be used to help monitor the following items that are called out by PCI Data Security Standard .
Real-Time File Integrity Monitoring is enabled by default and will be used automatically whenever possible.
In the var\log\scsplog\SISIDSEvents.csv that the monitor is on
MSTD,1,2012-03-31 16:03:50.000 Z+0800,I,0,R,,,IA_0023,,,,Main Module,,,,,IA_0023,,,,IA_0023: Symantec IDS Service has started
There are a few other options for real-time file integrity monitoring that can be accessed via sisipsconfig.sh.
-rtfim enables itYou can see if FIM is enabled using this command
./sisipsconfig.sh -export | grep fim
Next option is check /opt/Symantec/scspagent/IDS/system/agent.ini
under [Driver] section see if mentioned
AIX 5.3 64 bit