HP-UX Host Intrusion Detection System Version 4.2 Administration Guide
• Generate reports for one or more agents
• View alert statistics by agent, severity, alert type, and detection template
• Generate a consolidated report across multiple agents
• Generate incremental reports (i.e., report alerts that were generated after the last generated
report)
• Select alert fields to be displayed in the report
• Sort alerts by severity, alert type, or date
• Initiate reports from the command line, from an interactive menu, or from a cron job
• Email the reports to any number of recipients
• Generate reports in .html, .txt, and .raw formats
The idsadmin Command Reporting Options
To generate alert reports, invoke the idsadmin command as follows:
idsadmin [-v[vvv]] --report [OPTIONS]
Table C-2 describes the various reporting options that you can use with the idsadmin -r
(--report) option.
Table C-2 Reporting Options Supported by idsadmin

Option: -a, --agent-hosts HOST1, HOST2... | managed | all
Description: Comma separated list of host names or IP addresses. Specify all to
include all agent hosts listed in sentinal.hosts, even those not
currently monitored by the HIDS GUI. Specify managed to only
include agent hosts that are marked as managed by the HIDS GUI.
When used with the report option, the default is managed.

Option: --alert-events event_1, event_2...
Description: Specifies that only alerts triggered by the specified events are reported,
where:
• create – report alerts triggered by a creation event
• delete – report alerts triggered by a deletion event
• modify – report alerts triggered by a modification or potential
modification event
• login – report alerts triggered by successful logins
• flogin – report alerts triggered by failed logins
• su – report alerts triggered by successful su attempts
• fsu – report alerts triggered by failed su attempts
• logout – report alerts triggered by logouts
• all – report all alerts regardless of the event that triggered the
alert
The default value is all.
Generating Alert Reports Using the idsadmin Command 185
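The following wrapper is an added example, not part of the HP guide: it checks a --alert-events list against the values documented in Table C-2 before building an idsadmin --report command line, so that a mistyped event name in a cron job fails loudly instead of producing a misleading report. The function names are hypothetical, and the example assumes each option value is passed as one separate argument holding a comma separated list without spaces.

```shell
#!/bin/sh
# Added example (not from the HP guide). Function names are hypothetical.
# Event names accepted by --alert-events, as listed in Table C-2.
VALID_EVENTS="create delete modify login flogin su fsu logout all"

# validate_events "ev1,ev2": print the list with spaces removed, or return 1
# on an empty, malformed or undocumented event name.
validate_events() {
    list=$(printf '%s' "$1" | tr -d ' ')
    case "$list" in
        ""|,*|*,|*,,*|*[!a-z,]*)
            echo "malformed event list: $1" >&2; return 1 ;;
    esac
    old_ifs=$IFS; IFS=,
    for ev in $list; do
        IFS=$old_ifs
        case " $VALID_EVENTS " in
            *" $ev "*) ;;
            *) echo "unknown alert event: $ev" >&2; return 1 ;;
        esac
    done
    IFS=$old_ifs
    printf '%s\n' "$list"
}

# build_report_cmd [HOSTS] [EVENTS]: print the command line (dry run).
# Defaults follow the table: hosts "managed", events "all".
# Assumption: the value follows the option as a separate argument.
build_report_cmd() {
    hosts=${1:-managed}
    case "$hosts" in
        *[!A-Za-z0-9.,:_-]*) echo "bad host list: $hosts" >&2; return 1 ;;
    esac
    events=$(validate_events "${2:-all}") || return 1
    printf 'idsadmin --report --agent-hosts %s --alert-events %s\n' \
        "$hosts" "$events"
}

# run_report [HOSTS] [EVENTS]: validate, then run idsadmin if it is installed.
run_report() {
    build_report_cmd "$@" >/dev/null || return 1
    command -v idsadmin >/dev/null 2>&1 || { echo "idsadmin not found" >&2; return 127; }
    idsadmin --report --agent-hosts "$hosts" --alert-events "$events"
}
```

Calling run_report managed flogin,fsu from a cron script limits the report to failed logins and failed su attempts on the managed agents.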