The Host-based Intrusion Detection System (HIDS) configuration page under the SIEM settings provides an overview and management interface for all host systems being monitored for suspicious activity.
Navigation:
1. Go to Settings > Configurations > SIEM.
2. Click on the HIDS tab.
The table lists all the systems configured for HIDS monitoring, with the following details:
Column | Description |
---|---|
NO | Serial number of the entry. |
SYSTEM NAME | Hostname of the monitored system. |
HOST IP | IP address of the host being monitored. |
LOCATION | Physical or logical location (e.g., Lab, Production). |
OS | Operating system of the host (Windows/Linux). |
STATUS | Connectivity status of the agent (Up or Down). |
DEVICE TYPE | Type of the device (currently marked as Unknown). |
STATUS (Indicators) | Health status indicated via color dots (Healthy or Issue detected). |
ASSIGN | Checkbox to assign/unassign the host for monitoring or further actions. |
Users can apply status-based filters to quickly locate hosts based on their operational state.
Steps:
1. Click the filter icon next to the search bar.
2. Select Offline or Online to filter systems accordingly.
3. Click Reset Filter to clear selections and view all entries again.
This helps in identifying offline hosts that need attention or confirming the online status of active devices.
Each row includes a checkbox under the Assign column, which enables or disables the host's inclusion in active monitoring or further actions.
Steps to Assign:
1. Select/deselect the checkbox for one or more systems.
2. Click the Submit button to confirm changes.
3. A confirmation message "Updated Successfully" will appear upon success.
This is used for managing HIDS agents' participation in the security policy.