Editing the messages

Messages are contained in the module initialization files called .m (dot-m) files. The .m file of each module does the following:

Specifies security checks and options for the module
Associates the module with specified name lists
Contains a descriptive name for the module
Supplies default values for the module's security checks
Supplies message text that is reported in the console grid

During agent registration, the current version of each .m file is stored in the manager database at \ESM\ register\<operating system>\<module name>.m. You can specify the location of .m files on each agent.

The .m files contain ASCII text. Some lines begin with directives - words that are preceded by a period (.) - that classify file information. Directives are usually followed by the data and sometimes by the descriptive text. Messages begin with .begin directives, which always occur after information about security checks, options, and templates. Do not delete or reorder any messages.

To edit messages

Select an agent with an operating system that reports messages that you want to edit.
Open the common.m file or <module>.m file in a text editor.

Edit the following directives as needed:

.title

Brief description of a security problem, enclosed in quotation marks, not exceeding 79 characters

For example, .title "Maximum password age too high"

The description is displayed in the console grid when the module runs.

.class

Severity of the problem from 0 to 4. For example, .class 2.

You can use one of the following values of severity:

0

Green message that requires no action
1 - 3

Yellow message that deserves an action
4

Red message that requires immediate attention

.text

Explanation of the problem

Lines of the text cannot exceed 128 characters and the total explanation cannot exceed 1,023 characters. Begin the text on the line after the .text directive.

Include the following information:

Nature of the problem
Why it is a security risk
How to remedy the problem

The .endtext directive should occur on a line by itself after the text (required even if you omit an explanation).

For example, use the directive as follows:

.text

The maximum password age is too high. Infrequent password changes allow a long-term access to your system to anyone using a stolen password. Set the maximum password age to 60 days.

.endtext

Note:

Do not begin a line of text with a period. This character is used as a control delimiter and improper usage causes the module to fail.

Change the .customized directive value of each modified message to 1. Doing so prevents the edited message from being overwritten when the module is updated to a later version.
Increment the module version number in the .module directive by 1. In the following example, 1300 was the last version number:

.module "Account Information" acctinfo 1301 WIN2000
Save the edited .m file.
Re-register the module with appropriate managers.
Verify that the edited messages appear in the message.dat file on computers at the following default location:

\ESM\system\<system name>\db\ message.dat