When installed with the CWPP Agent, the File Integrity Monitoring (FIM) plugin validates containers to assure compliance for files against a known good baseline. FIM Incidents are reported on the Policy Incidents page.
For complete details about Policy Incidents, see Policy Incidents Page.
To view FIM policy incidents:
- Go to Incidents > Policy Incidents.
- Filter for Incident Type > File Integrity Incident.
- Filter for your Service Name.
- Click a table row to select an incident and display the Cloud Card.
- In the first Cloud Card, click a Container File.
- In the second Cloud Card, click a Container Instance associated with the file.
- In the third Cloud Card, view the File Events and other details associated with the file, including File Hashes.