HP-UX Host Intrusion Detection System Version 4.4 Administrator Guide (5900-1634, April 2011)
1. Select a schedule in the Schedules panel.
Figure 19 Schedule Manager Screen-Miscellaneous Tab
2. Select the Global Properties tab on the Schedule Manager screen.
3. Select the Miscellaneous tab under the Global Properties tab.
4. Select the Monitor Failed Attempts to Create/Modify/Delete Critical Files option.
NOTE: By default, this option is disabled.
5. Click Save. The selection will be saved.
Configuring Duplicate Alert Suppression
Duplicate Alert Suppression is a feature that suppresses duplicate alerts from being reported to the
HIDS administrator console. This feature enables you to reduce the volume of the alerts reported
by HIDS and eases the administration of HIDS. The reduction of alert volume in HIDS enables you
to notice a true attack, and enhances the overall usability of the product.
To configure duplicate alert suppression, use the Duplicate Alert Suppression tab located within
Global Properties in the Schedule Manager window. Figure 20 depicts the various duplicate alert
suppression options you can configure.
Configuring Duplicate Alert Suppression 71