Manualshelf

HP-UX Host Intrusion Detection System Version 4.2 Administration Guide

ManualsBrandsHP ManualsSoftwareHP-UX Host Intrusion Detection System Software
181182183184185186187188189190
Table C-2 Reporting Options Supported by idsadmin (continued)
DescriptionOption
Specifies a file PATHNAME to override the default location where an
alert report is stored or to specify that the alert report must be printed
to stdout in addition to being stored in the default location. If
PATHNAME is set to /dev/null, then the --email-to option must
be specified and the alert report will not be stored persistently in a
file. By default, alert reports are stored in /var/opt/ids/reports/
HIDS_Report_date.[text|html|raw].
--report-output stdout | PATHNAME
Convert and display all UTC timestamps in UTC or local date/time
string, where the local date/time is the local time on the admin host
that is not necessarily the same as the local time on the agent host(s).
This option does not apply to the date/time string value generated
by an agent and that represents the local time on the agent host. The
default is utc.
--report-time utc | local
If set to multihost, generate a consolidated alert listing across all
specified agent hosts. If set to perhost, generate an individual alert
listing per agent host. If multihost is specified and the report only
contains an alert listing for one agent, an individual report is generated
instead. The default value is multihost.
--report-type multihost | perhost
The sorted order in which alerts are listed in an alert report. The
default is date.
--sort-by date | severity | type
Specifies that only alerts generated on or after the specified date are
reported. The date/time is interpreted as local time on the host on
which idsadmin is run, not as the local time on agent host(s). When
used with the -r option, the default is the date of the most recent
alert in the last generated report, if any. Otherwise, the default is the
beginning of time (epoch).
--start-date YYYYMMDD[HHMMSS]
Using the idsadmin Command to Generate Reports
The following examples show different ways of using the idsadmin command to generate
customized alert reports:
Generating Alert Reports Using the idsadmin Command 187