HP-UX Host Intrusion Detection System Version 4.7 Administrator Guide HP-UX 11i v3 (766144-001, March 2014)
Example 20 To generate a report for an agent configured to monitor HP-UX Containers (HP-UX
SRP).
/opt/ids/bin/idsadmin -r --start-date 200110101
--report-type persrp —a <agenthost>:[init,srp01,srp02]
This command generates a report for an agent configured to monitor Containers 'init', 'srp01',
'srp02' starting from January 01 2011. This report is saved as a HTML file in /var/opt/ids/
reports/HIDS_Report<date-time>.html in a persrp format.
Figure 47 is a screenshot of the generated report for an agent configured to monitor HP-UX
Containers (HP-UX SRP):
Figure 47 Screenshot of the Generated Report for an Agent Configured to monitor HP-UX Containers
(HP-UX SRP)
NOTE: While generating alert reports for an agent configured to monitor HP-UX Containers
(HP-UX SRP), the Container names should be specified else consolidated report will be generated
for the agent.
Benefits of Generating Reports in raw Format
Generating reports in raw format can be useful in the following scenarios:
• To automate some administrative change management tasks. For example, a script, which
compares a list of files that are expected to change with the actual files that were modified,
can read reports in raw format.
• To easily parse alerts for further manipulation, such as automating the entry of alerts in a
database to perform more complex database queries and to leverage the reporting features
of a database application.
NOTE: If some of the alert fields contain the pipe (|) character (the default delimiter character)
use the --report-delimiter option to specify a different delimiter character. Using pipe (|)
as a delimiter when alert fields contain the pipe (|) symbol will disrupt the parsing of alerts.
Generating Alert Reports Using the idsadmin Command 181