Security
Showing results for 
Search instead for 
Do you mean 

HIDS report: WARNING: Corrupt file alert!

Regular Advisor

HIDS report: WARNING: Corrupt file alert!

When taking a report from the IDS in the production server hp, this show several warning which indicates corrupt files:

$ /opt/ids/bin/idsadmin -r --start-date 20110210 --end-date 20110210 --report-time local
WARNING: Corrupt file alert! Only 12 fields found. Expected 35 fields. Skipping....
WARNING: /var/opt/ids/gui/logs/CRDHP01_alert.log (line 63489):
WARNING: CRDHP01172.17.118.12Tue Nov 30 11:50:44 2010 SAT2321291135844uid=0,gid=3,pid=26557,ppid=21664file=/respaldosdba/BK_tempdb_log_01.txtnullnullnull
WARNING: Corrupt file alert! Only 12 fields found. Expected 35 fields. Skipping....
WARNING: /var/opt/ids/gui/logs/CRDHP01_alert.log (line 96781):
WARNING: CRDHP01172.17.118.12Wed Dec 1 17:14:56 2010 SAT2321291241696uid=102,gid=102,pid=15169,ppid=15168file=/bkestadocuenta/Unibanco/Visa/Pag_V_VSEC1012_01_BL0105_RG02CI20_emp12.txtnullnullnull
WARNING: Corrupt file alert! Only 12 fields found. Expected 35 fields. Skipping....
WARNING: /var/opt/ids/gui/logs/CRDHP01_alert.log (line 146680):
WARNING: CRDHP01172.17.118.12Fri Jan 28 16:15:58 2011 SAT2321296249358uid=102,gid=102,pid=5293,ppid=5292file=/bkestadocuenta/Bolivariano/Visa/Pag_V_VSEC1012_01_BL0026_RG01CI01_emp1.txtnullnullnull
Alert Report saved in /var/opt/ids/reports/HIDS_Report_Feb11_2011_15_45_05.html


Any ideas?
1 REPLY
Highlighted
Occasional Advisor

Re: HIDS report: WARNING: Corrupt file alert!

Which version of HP-UX HIDS are you running (swlist HPUX-HIDS)?