Sacrosanct Files

How To

Summary

QRadar Apps have some files that are marked as sacrosanct - meaning that they cannot be overwritten or deleted by apps.

If an app zip contains files at the designated paths the files supplied in the app zip will be ignored and the sacrosanct files will be kept.

For example if an app zip contains a file that overwrites /bin/log_collector.py it will be ignored and the sacrosanct file will be kept instead.

Please note that these sacrosanct checks happen when an app zip is extracted - be careful not to overwrite these important files at app install or runtime.

Steps

Sacrosanct File List

The following files are marked as sacrosanct:

/bin/log_collector.py
/bin/as_root
/bin/start.sh
/bin/start_flask.sh
/bin/update_ca_bundle.sh
/bin/whitegate_egress.sh
/startup.d/A0.*
/startup.d/A9.*

This list can be found inside the app container inside /opt/app-root/sacrosanct_files.txt.

Document Location

Worldwide

[{"Line of Business":{"code":"LOB24","label":"Security Software"},"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Product":{"code":"SSBQAC","label":"IBM Security QRadar SIEM"},"ARM Category":[{"code":"a8m0z000000cwt3AAA","label":"QRadar Apps"}],"ARM Case Number":"","Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"All Version(s)"}]

Tips

Sacrosanct Files

How To

Summary

Steps

Sacrosanct File List

Document Location

Was this topic helpful?

Document Information

UID

Share your feedback

Need support?