Editing the messages

Messages are contained in the module initialization files called .m (dot-m) files. The .m file of each module does the following:

During agent registration, the current version of each .m file is stored in the manager database at \ESM\ register\<operating system>\<module name>.m. You can specify the location of .m files on each agent.

The .m files contain ASCII text. Some lines begin with directives - words that are preceded by a period (.) - that classify file information. Directives are usually followed by the data and sometimes by the descriptive text. Messages begin with .begin directives, which always occur after information about security checks, options, and templates. Do not delete or reorder any messages.

To edit messages

  1. Select an agent with an operating system that reports messages that you want to edit.

  2. Open the common.m file or <module>.m file in a text editor.

  3. Edit the following directives as needed:


    Brief description of a security problem, enclosed in quotation marks, not exceeding 79 characters

    For example, .title "Maximum password age too high"

    The description is displayed in the console grid when the module runs.


    Severity of the problem from 0 to 4. For example, .class 2.

    You can use one of the following values of severity:

    • 0

      Green message that requires no action

    • 1 - 3

      Yellow message that deserves an action

    • 4

      Red message that requires immediate attention


    Explanation of the problem

    Lines of the text cannot exceed 128 characters and the total explanation cannot exceed 1,023 characters. Begin the text on the line after the .text directive.

    Include the following information:

    • Nature of the problem

    • Why it is a security risk

    • How to remedy the problem

    The .endtext directive should occur on a line by itself after the text (required even if you omit an explanation).

    For example, use the directive as follows:


    The maximum password age is too high. Infrequent password changes allow a long-term access to your system to anyone using a stolen password. Set the maximum password age to 60 days.



    Do not begin a line of text with a period. This character is used as a control delimiter and improper usage causes the module to fail.

  4. Change the .customized directive value of each modified message to 1. Doing so prevents the edited message from being overwritten when the module is updated to a later version.

  5. Increment the module version number in the .module directive by 1. In the following example, 1300 was the last version number:

    .module "Account Information" acctinfo 1301 WIN2000

  6. Save the edited .m file.

  7. Re-register the module with appropriate managers.

  8. Verify that the edited messages appear in the message.dat file on computers at the following default location:

    \ESM\system\<system name>\db\ message.dat