Host Intrusion Detection System Administrator's Guide Release 3.0

Automated Response
Sample Response Programs
Appendix B
Logging to a central syslog server

While the HP-UX HIDS System Manager provides a centralized location for alerts,
you may also want to log alerts to a syslog server. This short script shows how
this can be done.

#!/usr/bin/sh
#
# Sample HP-UX HIDS alert response script
#
# Send a message to syslog containing the alert
# If we have a severity 1 alert then log the alert to syslog
if [ "$3" = "1" ]
then
    /usr/bin/logger -t "HP-UX HIDS" "$8"
fi
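
The following variant is an added example, not part of the HP guide: it logs every alert with a syslog priority derived from the severity in $3 and flattens control characters in the alert text in $8, so text containing newlines cannot forge extra syslog records. The local0 facility, the severity-to-level mapping, the 512-character cap and the function names are assumptions; the argument positions follow the sample script above.

```shell
#!/usr/bin/sh
# Added example (not from the HP guide): severity-aware syslog response.
# Assumed, not from the guide: the local0 facility, the severity-to-level
# mapping and the 512-character cap. $3 and $8 follow the sample script.

# Map the alert severity to a syslog priority for logger -p.
hids_priority() {
    case "$1" in
        1) echo "local0.crit" ;;
        2) echo "local0.warning" ;;
        *) echo "local0.notice" ;;
    esac
}

# Build a single-line message. Control characters (newline, CR, tab)
# become spaces so alert text cannot start a forged syslog record, and
# a severity that is not purely numeric is reported as "unknown".
hids_message() {
    case "$1" in
        ''|*[!0-9]*) sev="unknown" ;;
        *)           sev="$1" ;;
    esac
    text=$(printf '%s' "$2" | tr '[:cntrl:]' ' ' | cut -c 1-512)
    printf 'severity=%s %s' "$sev" "$text"
}

# Log only when at least the eight arguments the sample uses are present.
if [ "$#" -ge 8 ]; then
    /usr/bin/logger -p "$(hids_priority "$3")" -t "HP-UX HIDS" \
        "$(hids_message "$3" "$8")"
fi
```

The script only hands the message to the local syslogd; sending it on to the central server is done in the syslogd configuration, for example a local0.crit selector in /etc/syslog.conf with an @loghost action, where loghost is a placeholder host name.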