Manualshelf

Host Intrusion Detection System Administrator's Guide Release 3.0

ManualsBrandsHP ManualsSoftwareHP-UX Host Intrusion Detection System Software
71727374757677787980
Schedule Manager Screen
The Schedule Manager
Chapter 5
59
The Schedule Manager
The Schedule Manager screen helps you create and configure HP-UX HIDS
surveillance schedules, surveillance groups, and detection templates.
On this screen, you can:
Add, rename, delete, and define surveillance schedules, including which surveillance
groups make up a schedule.
Add, rename, delete, and define surveillance groups, including which templates
make up a group, the days and times the group will be active, and the values for the
properties of the selected templates. A group’s timetable can be different in different
schedules. A template’s property values can be different in different groups.
A surveillance schedule is what you activate on an agent host to monitor activities and
report alerts. It consists of one or more surveillance groups. A surveillance group
consists of one or more templates. A template consists of one or more properties. A
property can have zero or more values. The templates and their properties are
predefined.
Surveillance schedules are saved on disk in files that match the schedule name, as
/var/opt/ids/gui/SurveillanceSchedules/
schedname
.schedule where
schedname
is the name of the schedule. If you rename a schedule, its file is renamed. If you save a
schedule under a new name, the old file is renamed and the schedule is renamed. Saving
a schedule ensures that it has been written to disk.
Surveillance groups are saved on disk in files that match the group name, as
/var/opt/ids/gui/SurveillanceGroups/
groupname
.grp where
groupname
is the
name of the group. If you rename a group, its file is renamed. You cannot save a group
directly.
Schedules and groups are saved automatically when you first create them and every
time you exit from the System Manager screen.
The Schedule Manager screen comprises three major parts:
The Configure tab, where you define surveillance schedules, groups, and template
properties. See “Configuring Surveillance Schedules” on page 62, “Configuring
Surveillance Groups” on page 67, and “Configuring Detection Templates” on page 71.
The Timetable tab, where you specify when each surveillance group of a
surveillance schedule will run. See “Setting Surveillance Schedule Timetables” on
page 75.
The Details tab, which displays the source definition of a surveillance schedule. See
“Viewing Surveillance Schedule Details” on page 79.