HP-UX Host Intrusion Detection System Version 4.4 Administrator Guide (5900-1634, April 2011)

Example 15 To generate a report for an agent showing only the date and time (local), severity,

attacker, target, and to e-mail the report in text format to a specified e-mail address

/opt/ids/bin/idsadmin –r –a ariel --alert-fields localdate,

severity,attacker,target --report-format text -–e-mail-to

admin@xyz.com

Figure 45 shows a portion of the report generated in text format:

Figure 45 Screenshot of the Generated Report in text Format

Example 16 To generate individual reports for all agents listed in the sentinal.hosts file, sorted

by severity starting from January 01 2007

/opt/ids/bin/idsadmin –r –a all --report-type perhost

--sort-by severity --start-date 20070101

Example 17 To generate a report listing only the critical alerts for all agents listed in the

sentinal.hosts file starting from January 01 2007, and to display the report in raw format

using commas to delimit alert fields

/opt/ids/bin/idsadmin –r –a abc.hp.com,xyz.hp.com

--alert-severities critical --report-format raw

--report-delimiter , --start-date 20070101

Generating Alert Reports Using the idsadmin Command 183