BladeSystem Forums have moved here
To make BladeSystem information easier to find, we have moved the BladeSystem forums here, to Servers and Operating Systems.
Security
Showing results for 
Search instead for 
Do you mean 

HIDS report: WARNING: Corrupt file alert!

Regular Advisor

HIDS report: WARNING: Corrupt file alert!

When taking a report from the IDS in the production server hp, this show several warning which indicates corrupt files:

$ /opt/ids/bin/idsadmin -r --start-date 20110210 --end-date 20110210 --report-time local
WARNING: Corrupt file alert! Only 12 fields found. Expected 35 fields. Skipping....
WARNING: /var/opt/ids/gui/logs/CRDHP01_alert.log (line 63489):
WARNING: CRDHP01172.17.118.12Tue Nov 30 11:50:44 2010 SAT2321291135844uid=0,gid=3,pid=26557,ppid=21664file=/respaldosdba/BK_tempdb_log_01.txtnullnullnull
WARNING: Corrupt file alert! Only 12 fields found. Expected 35 fields. Skipping....
WARNING: /var/opt/ids/gui/logs/CRDHP01_alert.log (line 96781):
WARNING: CRDHP01172.17.118.12Wed Dec 1 17:14:56 2010 SAT2321291241696uid=102,gid=102,pid=15169,ppid=15168file=/bkestadocuenta/Unibanco/Visa/Pag_V_VSEC1012_01_BL0105_RG02CI20_emp12.txtnullnullnull
WARNING: Corrupt file alert! Only 12 fields found. Expected 35 fields. Skipping....
WARNING: /var/opt/ids/gui/logs/CRDHP01_alert.log (line 146680):
WARNING: CRDHP01172.17.118.12Fri Jan 28 16:15:58 2011 SAT2321296249358uid=102,gid=102,pid=5293,ppid=5292file=/bkestadocuenta/Bolivariano/Visa/Pag_V_VSEC1012_01_BL0026_RG01CI01_emp1.txtnullnullnull
Alert Report saved in /var/opt/ids/reports/HIDS_Report_Feb11_2011_15_45_05.html


Any ideas?
1 REPLY
Highlighted
Occasional Advisor

Re: HIDS report: WARNING: Corrupt file alert!

Which version of HP-UX HIDS are you running (swlist HPUX-HIDS)?