Manualshelf

HP-UX Host Intrusion Detection System Version 4.7 Administrator Guide HP-UX 11i v3 (766144-001, March 2014)

ManualsBrandsHP ManualsSoftwareHP-UX Host Intrusion Detection System Software
31323334353637383940
5. Go to the Schedule Manager screen and create surveillance schedules, or use the predefined
schedules. For more information, see “Using the Schedule Manager Screen” (page 48).
6. Go to the Host Manager screen and select the agent hosts you want to monitor. These are the
systems you started idsagent on in step 3. As described in “Setting Up HP-UX HIDS Secure
Communications (page 21), the certificate script may have provided you with a selection of
agent hosts. Check the Monitored box for each host. For more information, see “Using the
Host Manager Screen” (page 74).
7. Go to the System Manager screen. For more information, see “Returning to the System Manager
Screen (page 47).
8. Check the status of the agents. The host names are listed in the Monitored Hosts list. If they
are not listed as Available, select them all and press the Status button. The monitored hosts
will be listed as Available in the Status column. For more information, see “Getting the
Status of Agent Hosts (page 42).
9. Activate the schedules on the agent hosts. This can be the same schedule on all hosts, a
different schedule on each host, or any combination thereof.
a. Select a schedule in the Schedules list, the hosts you want to download it to in the
Monitored Hosts list and press the Activate button.
b. Repeat for different schedules and different hosts. An agent host can run only one schedule
at time. If a download is successful, its Status is Scheduled or Running, depending
on its timetable. For more information, see Activating Schedules on Agent Hosts
(page 44).
Operations Screens
The HP-UX HIDS System Manager has five operations screens that you use to manage HP-UX HIDS
operations, receive operator input, and display HP-UX HIDS output.
System Manager
The System Manager screen displays the current status of the agent systems and controls agent
operations. It is launched automatically when the System Manager starts. All other operations
screens can be accessed from the Edit or View menus of the System Manager screen. You
can return to the System Manager screen from the View > System Manager menu item on any
other operations screen. For more information, see Chapter 4: “Using the System Manager
Screen” (page 38).
Schedule Manager
In the Schedule Manager screen, you can:
Create and modify surveillance schedules.
Create and modify surveillance groups.
Add and modify the configuration for monitoring Containers (SRPs) by adding or assigning
groups for a particular Container (SRP). This is applicable when the HIDS agent is running
on a host configured with HP-UX Containers (HP-UX SRP). For more information, see HP-UX
Containers (HP-UX SRP) Administration Guide and Release notes.
Modify template property values.
Specify the days and times that each surveillance group will be active.
Specify global property values, such as alert aggregation, monitor failed attempts, and
duplicate alert suppression properties, as these values are not template specific.
For more information, see Chapter 5: “Using the Schedule Manager Screen” (page 48).
36 Getting Started with HP-UX HIDS