Manualshelf

HP-UX Host Intrusion Detection System Version 4.4 Administrator Guide (5900-1634, April 2011)

ManualsBrandsHP ManualsSoftwareHP-UX Host Intrusion Detection System Software
171172173174175176177178179180
updates the schedule and deploys it over the two agents. The administrator can choose to intervene
in this process; however, it is not required.
Schedule Tuning Process
The process by which a schedule is tuned can be broken down into the following steps:
Step 1: Analyzing Alerts and Tuning Schedules.
“Step 2: Modifying the Filters in the Tune Command Report” (page 175)
“Step 3: Updating and Deploying the Schedule (page 176)
Figure 43 provides a pictorial representation of the process by which HIDS tunes schedules.
Figure 43 Flowchart Depicting the Tuning Process
Step 1: Analyzing Alerts and Tuning Schedules
Invoke the tune command from the idsadmin command line, or its interactive command interface
to start analyzing alerts and tuning schedules.
Tuning Schedules Using the idsadmin Command 171