HP Host Intrusion Detection System (HIDS) manual Idsagent not enough disk space to create schedule

Messages

Agent Messages

❏Meaning: The system does not have enough disk space to create the interprocess communication files in /var/opt/ids. HP-UX HIDS uses memory-mapped files, each of size 20 MB.

❏Action: Ensure that there is at least 20 MB of free disk space in the /var partition. You can remove any lingering files with names in the form /var/opt/ids/ids_10*.

idsagent: not enough disk space to create schedule

❏Meaning: The /var partition is full and the idsagent cannot save the schedule to disk.

❏Action: Ensure that there is at least 10 MB of free disk space in the /var partition.

idsagent: not enough disk space to parse schedule

❏Meaning: idsagent was unable to parse the surveillance schedule because the system has exhausted its disk space.

❏Action: Ensure that there is free disk space in the /var partition.

idsagent: not enough disk space to save config file

❏Meaning: The system has exhausted the disk space in the root file system partition.

❏Action: Clean up the root file system partition to free space.

idsagent: out of process table space!

❏Meaning: There are no process table slots free on the system.

❏Action: Your system has run out of process table space. Either kill unneeded processes or reconfigure the kernel to allow for more user processes.

idsagent: schedule cannot be executed as specified

❏Meaning: The surveillance schedule contains detection templates that are not supported by this version of the idsagent.

❏Action: Verify that you have the latest version of the HP-UX HIDS product installed on the agent system.

idsagent: Surveillance Schedule sched does not contain any surveillance group periods

❏Meaning: A surveillance schedule sched was activated on the agent that did not contain any valid surveillance groups.

❏Action: Verify that the surveillance schedule contains surveillance groups in the Schedule Manager window of the HP-UX HIDS System Manager.

idsagent: this host (host) has multiple network addresses

❏Meaning: idsagent does not know which network interface to listen on for commands. The IDS_LISTEN_IFACE parameter must be set in the configuration file, /etc/opt/ids/ids.cf. Specify an host name or IP address in the configuration file.

❏Action: If running on a multihomed system, set the IDS_LISTEN_IFACE parameter in

/etc/opt/ids/ids.cf.

idsagent: the IDS_LISTEN_IFACE parameter is specified as: hostname in the configuration file configfile