Using custom properties profiles to upload custom scripts

If you use custom scripts that you manually upload to the Security Engine, you can instead add the scripts to Custom Properties Profile elements.

If the custom properties profile is referenced in the configuration of the Security Engine, the script is automatically uploaded to all the Security Engine nodes when the policy is installed.

For example, if you use a custom script for the External Test for the Security Engine, you can use a custom properties profile to upload the script to the Security Engine. If the script is uploaded to the default location, you can refer to /data/config/policy/latest/scripts/[script_name] in the properties of the External Test.

This feature is supported on the Security Engine in the Engine, IPS, and Layer 2 Engine roles. For Virtual Engines, add the custom properties profile to the Master Engine.

You can upload custom scripts to the following paths:

/data
/data/config/base
/data/config/hooks/online
/data/config/hooks/offline
/data/config/hooks/standby
/data/config/hooks/policy-applied
/data/config/hooks/ve-active
/data/config/hooks/ve-deactive

Note: The scripts are not encrypted, even if the Security Engine configuration is otherwise encrypted.

In the custom properties profile, you can define additional attributes that your script can use. Additional attributes and their values are saved to the same location as your custom script in a file named <script_name>_allow. One attribute per line is stored in the file in the following format:

<attribute name>:<attribute value>

In this example, /data/my_script.sh has the additional attributes test_attribute1 with the value 1 and test_attribute2 with the value 2. In the /data directory, there are two files:

my_script.sh
my_script.sh_allow

The file my_script.sh_allow contains the following:

test_attribute1:1
test_attribute2:2
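
One way a custom script could read its <script_name>_allow file, shown as an added example that is not vendor code and is not taken from Knowledge Base article 18290. The helper names get_attr, require_uint, make_sample and demo are hypothetical, the test_url line is constructed, and splitting on the first colon only is this example's choice for values that contain colons.

```shell
#!/bin/sh
# Added example, not vendor code. All function names are hypothetical.

# get_attr FILE NAME: print the value stored for NAME in a
# <script_name>_allow file. Returns 1 if NAME is absent, 2 if FILE is
# unreadable. Lines are treated as data (never sourced or eval'd) and are
# split on the first colon only, so a value may itself contain colons.
get_attr() {
    [ -r "$1" ] || return 2
    while IFS= read -r line || [ -n "$line" ]; do
        case $line in *:*) ;; *) continue ;; esac
        if [ "${line%%:*}" = "$2" ]; then
            printf '%s\n' "${line#*:}"
            return 0
        fi
    done < "$1"
    return 1
}

# require_uint VALUE: succeed only for a non-empty string of digits, so an
# attribute is validated before it is used in arithmetic or as an argument.
require_uint() {
    case $1 in ''|*[!0-9]*) return 1 ;; esac
    return 0
}

# make_sample DIR: write the sample file from the text above into DIR,
# plus one constructed line whose value contains a colon.
make_sample() {
    printf '%s\n' 'test_attribute1:1' 'test_attribute2:2' \
        'test_url:https://example.invalid:8443/health' > "$1/my_script.sh_allow"
}

# Demo on a temporary directory. A deployed script would read "${0}_allow"
# instead (assumption: $0 holds the script's full path).
demo() {
    dir=$(mktemp -d) || return 1
    make_sample "$dir"
    v=$(get_attr "$dir/my_script.sh_allow" test_attribute1) &&
        require_uint "$v" && echo "test_attribute1=$v"
    rm -rf "$dir"
}
demo
```

Parsing the file line by line instead of sourcing it keeps attribute values from being executed as shell code.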

For script examples, see Knowledge Base article 18290.

Note: Custom scripts for the Security Engine and custom scripts for Alert Chains in the SMC are configured separately and are separate scripts.