HP-UX Host Intrusion Detection System Version 4.7 Administrator Guide HP-UX 11i v3 (766144-001, March 2014)

ManualsBrandsHP ManualsSoftwareHP-UX Host Intrusion Detection System Software

Table 51 Reporting Options Supported by idsadmin (continued)

DescriptionOption

Used with the --e-mail-to reporting

options. Text of an e-mail message containing

--e-mail-message TEXT

a report. Text must be enclosed in double

quotes if it contains white spaces. This option

can be specified only from the command line

and not from the interactive menu prompt.

Used with the --e-mail-to reporting

options. Subject line of an e-mail message

--e-mail-subject TEXT

containing a report. Text must be enclosed in

double quotes if it contains white spaces. This

option can be specified only from the

command line and not from the interactive

menu prompt.

Specifies that only alerts generated on or

before the specified date are reported. The

--end-date YYYYMMDD[HHMMSS]

date/time is interpreted as local time on the

host on which idsadmin is run, not as the

local time on agent host(s). The default is the

current time. If YYYYMMDD is specified but not

HHMMSS, then HHMMSS defaults to 235959

(11:59:59 PM).

Used with the --report-format (with raw

option) reporting option. Specifies the

--report-delimiter CHAR

delimiter character when printing alert reports

in raw format. The default is the pipe (|)

character.

Specifies the format of the generated report.

The default is html.

--report-format html | txt | raw

Specifies a file PATHNAME to override the

default location where an alert report is stored

--report-output stdout | PATHNAME

or to specify that the alert report must be

printed to stdout in addition to being stored

in the default location. If PATHNAME is set to

/dev/null, then the --e-mail-to option

must be specified and the alert report will not

be stored persistently in a file. By default, alert

reports are stored in /var/opt/ids/

reports/

HIDS_Report_date.[text|html|raw].

Convert and display all UTC timestamps in

UTC or local date/time string, where the local

--report-time utc | local

date/time is the local time on the admin host

that is not necessarily the same as the local

time on the agent host(s). This option does not

apply to the date/time string value generated

by an agent and that represents the local time

on the agent host. The default is utc.

If set to multihost, generate a consolidated

alert listing across all specified agent hosts.

--report-type multihost | perhost |persrp

If set to perhost, generate an individual

alert listing per agent host. If set to persrp,

generate an individual alert listing per

Container (SRP) in an agent host. Use persrp

option only if the agent is configured to

monitor HP-UX Containers (HP-UX SRP). If

multihost is specified and the report only

contains an alert listing for one agent, an

176 Tuning Schedules and Generating Alert Reports