Veritas NetBackup™ Virtual Appliance Documentation

The following list contains some of the events that the IDS policy monitors:

• User logons, logouts, and failed log on attempts

• Sudo commands

• User addition, deletion, and password changes

• User group addition, deletion, and member modifications

• System auto-start option changes

• Modifications to all system directories and files, including core system files, core system configuration files, installation programs, and common daemon files

• NetBackup services start and stop

• Detected system attacks from UNIX rootkit file/directory detection, UNIX worm file/directory detection, malicious module detection, suspicious permission change detection, and so on

• Audit of all NetBackup Virtual Appliance Shell Menu activity, including shell operations for maintenance, root, and NetBackupCLI users.