Jump to content United States-English
HP.com Home Products and Services Support and Drivers Solutions How to Buy
» Contact HP
More options
HP.com home
 HP-UX Host Intrusion Detection System Version 4.1 Administrator's Guide: HP-UX 11i v1, HP-UX 11i v2 and HP-UX 11i v3 > Chapter 4 Using the System Manager Screen

Resynchronizing Agent Hosts
» 

Technical documentation

Complete book in PDF
» Feedback
Content starts here

 » Table of Contents

 » Index

spacerspacerspacer
spacer
spacer
  		 
 

The HP-UX HIDS agent program can continue to detect alerts when the HP-UX HIDS System Manager is not running. During this period, as each agent detects intrusions, it records them in a log file on the agent host. When you restart the HP-UX HIDS System Manager, the following events occur:

  1. The System Manager locates its own log files for each agent host in the Monitored Host list.

  2. If the Automatic Startup Status Poll field is enabled, the monitored hosts are polled for their status. If the status is either Scheduled or Running, the hosts subsequent alerts and errors are added to the System Manager log files. For more information, see “General Preferences”,

  3. If Automatic Startup Alert Resynchronization is enabled, all the alerts in the agent’s log file that are not updated in the System Manager alert log file are transferred to the System Manager. If the alert log file for a particular agent is empty, then all alerts are transferred to the System Manager. For more information, see “General Preferences”.

    TIP: To avoid reloading deleted alerts, retain only the most recent alert message.

The error log files are not resynchronized.

If the Automatic Startup Status Poll field is disabled, you must poll the status of the agent hosts before you can resynchronize them. See “Getting the Status of Agent Hosts”.

If Automatic Startup Alert Resynchronization is disabled, use the following procedure to synchronize the alerts.

  1. On the System Manager screen, in the Monitored Hosts list, select the hosts you want to resynchronize. The status of these hosts must be Available, Scheduled, or Running.

  2. Select one of the following options to resynchronize:

    • Click the Resync button.

    • Choose the Actions > Resync menu item.

    • Press Shift+F6.

    • Right-click in the Monitored Hosts area and select Resync from the menu.

    Any alerts in each agent’s log file that are newer than the last one seen by the System Manager are transferred to the System Manager’s log files. The numbers are updated on the Monitored Hosts list and the alerts and errors are displayed on the Network Node screen for each host. The updates continue as alerts and errors are generated and the System Manager runs.



Getting the Status of Agent Hosts
  		 


Activating Schedules on Agent Hosts  
Printable version
Privacy statement Using this site means you accept its terms Feedback to webmaster
© Hewlett-Packard Development Company, L.P.