HP-UX Host Intrusion Detection System Version 4.2 Administration Guide
NOTE: The Network Node screen title bar indicates how you obtained the data on the screen.
If it consists of Network Node - hostname, where hostname is the name of the monitored host,
the data is got from the master log file for that host and you selected the Network Node screen
from the System Manager screen.
If it consists of Network Node - pathname, where pathname is the full path name of a file, the
data is acquired from a log file set that you selected with the File >Open menu item.
Saving the Current Log File Set
To save the current log file set into the log file set displayed in the window title bar, follow these
steps:
• On the Network Node screen, perform one of the following steps:
• Select the File > Save menu item.
• Press Ctrl+S.
The alert and error log files are saved in /var/opt/ids/gui/logs, overwriting files
filesetname_alert.log and filesetname_error.log.
Saving a New Log File Set
NOTE: You cannot use this method to save into the log file set of any host that has an entry
(monitored or not) in the host list on the Host Manager screen.
To save the current log file set into a file set with a different name, follow these steps:
1. On the Network Node screen, open the Save dialog box as shown in Figure 7-4 by performing
one of the following steps:
• Select the File > Save As menu item.
• Press Ctrl+A.
Figure 7-4 Save Dialog Box
2. Either select one of the existing file names (it does not matter whether you choose the alert
or error file) by clicking its name, or enter a log file set name in the File Name field. A log
file set name is a file name without the trailing _alert.log or _error.log. For example:
1. To create a new file set named myhost1.backup, enter myhost1.backup in the File
Name field.
2. To save the file set you just opened with file set name just opened, click the alert or
error file for the set. For example, justopened_error.log.
General Operations 101