Update Security Monitoring attack signature database

The Security Monitoring dashboards in NGINX Instance Manager use an attack signature database to display details about detected security violations, including each signature’s name, accuracy, and risk level.

To ensure your dashboards remain accurate and up to date, update the Security Monitoring attack signature database regularly.

  1. Open an SSH connection to the data plane host and log in.

  2. Generate a Signature Report file using the Attack Signature Report Tool. Save the file as signature-report.json:

    sudo /opt/app_protect/bin/get-signatures -o ./signature-report.json

  3. Open an SSH connection to the management plane host and log in.

  4. Copy the signature-report.json file to the NGINX Instance Manager control plane at /usr/share/nms/sigdb/:

    sudo scp /path/to/signature-report.json {user}@{host}:/usr/share/nms/sigdb/signature-report.json

  5. Restart the NGINX Instance Manager services to apply the update:

    sudo systemctl restart nms-ingestion
    sudo systemctl restart nms-core
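
A truncated or altered transfer in step 4 would only surface after the restart in step 5, so it can help to validate the report before it replaces the live file. The following is an added example, not part of the NGINX documentation: it assumes the report was first copied to a staging path rather than directly into /usr/share/nms/sigdb/, that the report is a JSON document, and that a 0644 file mode suits the services; `check_report` and `install_report` are hypothetical helper names.

```python
import hashlib
import json
import os
import shutil
import sys
import tempfile

REPORT_NAME = "signature-report.json"  # file name used in the procedure above

def check_report(path, expected_sha256=None):
    """Return the SHA-256 of a non-empty, parseable JSON report; raise ValueError otherwise."""
    with open(path, "rb") as f:
        data = f.read()
    if not data:
        raise ValueError("report is empty")
    digest = hashlib.sha256(data).hexdigest()
    # Optional: compare with `sha256sum` output taken on the data plane host.
    if expected_sha256 and digest != expected_sha256.strip().lower():
        raise ValueError("SHA-256 mismatch: transfer incomplete or file altered")
    try:
        doc = json.loads(data)
    except ValueError as exc:  # covers JSONDecodeError and undecodable bytes
        raise ValueError(f"not valid JSON: {exc}") from exc
    if not doc:
        raise ValueError("report parsed but holds no data")
    return digest

def install_report(src, dest_dir, expected_sha256=None):
    """Validate src, then atomically replace dest_dir/signature-report.json."""
    digest = check_report(src, expected_sha256)
    fd, tmp = tempfile.mkstemp(dir=dest_dir, prefix=".sigdb-")
    try:
        with os.fdopen(fd, "wb") as out, open(src, "rb") as inp:
            shutil.copyfileobj(inp, out)
        os.chmod(tmp, 0o644)  # assumption: the services only need read access
        os.replace(tmp, os.path.join(dest_dir, REPORT_NAME))
    except BaseException:
        if os.path.exists(tmp):
            os.unlink(tmp)
        raise
    return digest

if __name__ == "__main__":
    # usage: sudo python3 install_sigdb.py <staged-report> [sha256-from-data-plane]
    expected = sys.argv[2] if len(sys.argv) > 2 else None
    print(install_report(sys.argv[1], "/usr/share/nms/sigdb", expected))
```

If the script raises, the existing signature-report.json is left untouched; restart the services only after it prints a digest.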