Configuration Manager. A Normalization Alias (or Alias) defines a variable that can be inserted in the regular expression defined by a Normalization Rule (see Working with Normalization Rules). The value of an Alias may include literal values and other Aliases.
|
Tip |
Tripwire recommends that you regularly download the latest Tripwire-defined TLC content from the Tripwire Web site. Tripwire-defined content includes Normalization Rules, Normalization Aliases, Correlation Rules, Correlation Lists, and some Tasks. For instructions, see Updating TLC with the Latest Tripwire Content. |
|---|
For a current list of Tripwire-defined Aliases in TLC, click here.
In the Alias Editor, you can also create and test your own Aliases.
To create, change, or delete an Alias:
| 1. | In the side bar, select Resources >Configuration Manager. |
| 2. | In the side bar of the Configuration Manager, select  Normalization > Aliases. |
TLC presents your Aliases in the workspace table.
|
Tip |
You can sort, group, and filter the contents of tables. For more information, see Working with Tables). |
|---|
| 3. | To create a new Alias: |
| a. | Click Add Alias, or select an existing Alias and click Copy Alias. |
| b. | In the Alias Editor (see Table 92), enter a Name and (optional) Description. |
| c. | Define the Alias variable and Alias value. |
| d. | To test the Alias, complete the Test Message tab and click Test RegEx. If the Alias is valid, TLC presents the output in the Test Output tab. If no output is returned, review your entries and make the necessary changes. |
|
Tip |
Tripwire suggests that you test an Alias whenever you define or change the Alias variable or value. |
|---|
| e. | Click OK. |
To modify an existing Alias:
| a. | In the workspace, double-click the Alias. |
| b. | As needed, edit the Alias Editor (see Table 92) and click OK. |
To delete an Alias:
| a. | In the workspace, select the Alias. |
| b. | Right-click the Alias and select Delete Alias. |
| c. | In the confirmation dialog, click Yes. |
|
Field/Tab |
Description |
|---|---|
|
Details tab |
Name. The name of the Alias. Alias variable. The name of the Alias' variable. Valid characters include: a-z A-Z _ In the TLC Console, Alias variables are formatted as follows: %<Alias_variable>% Description. (Optional) A description of the Alias. |
|
Test Message tab |
To test the Alias, enter the content of a log message in this tab and click Test. |
|
Alias value |
The value of the Alias' variable. This field supports .NET regular expressions. To add another Alias to this value: 1. In this field, insert your cursor in the position where you want to add the other Alias. 2. From the Alias drop-down, select the other Alias. 3. From the Insert drop-down, select |
|
Alias |
A drop-down list of other Aliases in your TLC environment. |
|
Insert |
To insert a static, literal value for an Alias in the Alias Expression field, select To insert a variable for an Alias, select |
|
Test Output tab |
Displays the output when you test the regular expression. |
|
Test History tab |
Presents information about the Alias' performance and previous tests run in the Input Data tab. |
Insert Dynamic Value