The idsadmin Command
The idsadmin Command
Specify the host name or IP address of the local host where idsadmin should accept connections from the agent. By default, the local host name is used. Use this option if the local host is multihomed (has two or more IP addresses).
| ||
|
| Specify the path name of a file to store alert and error messages sent |
|
| by the agent. If the file already exists, idsadmin appends to it. |
| ||
|
| Specify the RSA cipher suite for secure communication with the agent. |
Commands | idsadmin provides the following commands (case is ignored): | |
| load | Load a surveillance schedule into the idsagent process. An error is |
|
| returned if a surveillance schedule is already running or is scheduled |
|
| to run. The load command overwrites any previously loaded |
|
| surveillance schedule. |
| ping | Send an application level ping to the idsagent process. If it can be |
|
| contacted and reply, it indicates that the agent is alive and |
|
| communication settings are correct. |
| remove | Delete the currently loaded surveillance schedule from the idsagent |
|
| process. A schedule cannot be removed if it is currently running or |
|
| scheduled to run. |
| resync | Resynchronize with the idsagent process. resync prompts for a start |
|
| date. It then gathers any alerts from the idsagent process, which have |
|
| occurred since the date entered. Alerts are displayed in the order they |
|
| were generated. idsadmin maintains no state information for each |
|
| agent node. |
|
| Use resync if the idsadmin program is not running but the idsagent |
|
| process is still gathering data and monitoring events. |
| shutdown | Shut down the idsagent process. shutdown will halt all agent |
|
| processing and force all |
| start | Start the previously loaded surveillance schedule running on the |
|
| idsagent process. An error is returned if no surveillance schedule is |
|
| loaded or if a surveillance schedule is already running or is scheduled |
|
| to run. |
| status | Query the status of the idsagent process. status returns the name of |
|
| the previously loaded surveillance schedule (if any) and whether the |
|
| surveillance schedule is running, scheduled to run, or loaded. |
| stop | Stop the currently running or scheduled surveillance schedule on the |
|
| idsagent process. If no surveillance schedule is loaded, running, or |
|
| scheduled to run, an error is returned. |
If a command expects a response from the idsagent process, idsadmin will pause for a reply. If no reply is received within a timeout period of 12 seconds, an error is displayed.
212 | Appendix D |
