HP-UX Host Intrusion Detection System Version 4.2 Administration Guide
4. Log in to the administration system as root and start the System Manager as the ids user.
For more information, see “Starting the HP-UX HIDS System Manager” (page 49).
a. Login as ids:
# su ids
b. Start the System Manager program.
$/opt/ids/bin/idsgui
c. The first time you start the System Manager, the product license agreement is displayed.
This text is also printed in “HP Software License” (page 225). Click Accept to continue
or Reject if you are not ready to use the software.
5. Go to the Schedule Manager screen and create surveillance schedules, or use the predefined
schedules. For more information, see “Using the Schedule Manager Screen” (page 57).
6. Go to the Host Manager screen and select the agent hosts you want to monitor. These are
the systems you started idsagent on in step 3. As described in “Setting Up HP-UX HIDS
Secure Communications” (page 29), the certificate script may have provided you with a
selection of agent hosts. Check the Monitored box for each host. For more information, see
“Using the Host Manager Screen” (page 83).
7. Go to the System Manager screen. For more information, see “Returning to the System
Manager Screen” (page 56).
8. Check the status of the agents. The host names are listed in the Monitored Hosts list. If they
are not listed as Available, select them all and press the Status button. The monitored
hosts will be listed as Available in the Status column. For more information, see “Getting
the Status of Agent Hosts” (page 51).
9. Activate the schedules on the agent hosts. This can be the same schedule on all hosts, a
different schedule on each host, or any combination thereof.
a. Select a schedule in the Schedules list, the hosts you want to download it to in the
Monitored Hosts list and press the Activate button.
b. Repeat for different schedules and different hosts. An agent host can run only one
schedule at time. If a download is successful, its Status is Scheduled or Running,
depending on its timetable. For more information, see “Activating Schedules on Agent
Hosts” (page 53).
Operations Screens
The HP-UX HIDS System Manager has five operations screens that you use to manage HP-UX
HIDS operations, receive operator input, and display HP-UX HIDS output.
• System Manager
The System Manager screen displays the current status of the agent systems and controls
agent operations. It is launched automatically when the System Manager starts. All other
operations screens can be accessed from the Edit or View menus of the System Manager
screen. You can return to the System Manager screen from the View > System Manager
menu item on any other operations screen. For more information, see Chapter 4: “Using the
System Manager Screen” (page 47).
• Schedule Manager
In the Schedule Manager screen, you can:
— create and modify surveillance schedules.
— create and modify surveillance groups.
— modify template property values
— specify the days and times that each surveillance group will be active.
— specify global property values, such as alert aggregation, monitor failed attempts, and
duplicate alert suppression properties, as these values are not template specific.
Operations Screens 45