Samhain | ||
---|---|---|
<<< Previous | Next >>> |
-D, --daemon Run as daemon.
--foreground Stay in the foreground, do not run as daemon.
-f, --forever Loop forever, even if not daemon.
--bind-address=<IP-Address> Use this IP address (i.e. interface) for outgoing connections (e.g. on multi-interface machines).
-s <arg>, --set-syslog-severity=<arg> Set the severity threshold for syslog. arg may be one of none, debug, info, notice, warn, mark, err, crit, alert.
-l <arg>, --set-log-severity=<arg> Set the severity threshold for logfile. arg may be one of none, debug, info, notice, warn, mark, err, crit, alert.
-m <arg>, --set-mail-severity=<arg> Set the severity threshold for e-mail. arg may be one of none, debug, info, notice, warn, mark, err, crit, alert.
--set-database-severity=<arg> Set the severity threshold for logging to a RDBMS. arg may be one of none, debug, info, notice, warn, mark, err, crit, alert.
--set-prelude-severity=<arg> Set the severity threshold for logging to the Prelude IDS system. arg may be one of none, debug, info, notice, warn, mark, err, crit, alert.
-p <arg>, --set-print-severity=<arg> Set the severity threshold for terminal/console. arg may be one of none, debug, info, notice, warn, mark, err, crit, alert.
-x <arg>, --set-extern-severity=<arg> Set the severity threshold for external program(s). arg may be one of none, debug, info, notice, warn, mark, err, crit, alert.
-L <arg>, --verify-log=<arg> Verify the integrity of the log file and print the entries (arg is the path of the log file).
-j, --just-list Modify -L to just list the logfile, rather than verify (to de-obfuscate the logfile if you have compiled for stealth mode). Order matters: this must come before -L.
-M <arg>, --verify-mail=<arg> Verify the integrity of e-mailed messages (arg is the path of the mail box).
-V <arg>, --add-key=<arg> Add key material to the compiled-in key (see the Section called Integrity of the executable in the chapter called Security Design>). arg must be of the form key@/path/to/executable. Output will be written to /path/to/executable.out.
-H <arg>, --hash-string=<arg> Print the hash of a string / the checksum of a file, and exit. If arg starts with a '/', it is assumed to be a file, otherwise a string. This function is useful to test the hash algorithm.
-z <arg>, --tracelevel=<arg> If compiled with --enable-debug: arg > 0 to switch on debug output. If compiled with --enable-trace: arg > 0 max. level for call tracing.
-i <arg>, --milestone=<arg> If compiled with --enable-trace: trace from milestone arg to arg+1. If arg = -1, trace all.
-d <arg>, --list-database=<arg> List the database file arg (use ``default'' for the compiled-in path).
-a, --full-detail Modify -d to list full details (numeric mode, owner, group, all three timestamps (ctime, mtime, atime), and the checksum. Order matters: this must come before -d.
--delimited Same as --full-detail, but with comma-delimited fields.
-c, --copyright Print copyright information and exit.
-h, --help Print a short help on command line options and exit.
--trace-enable Print a trace of the execution flow.
--trace-logfile=<arg> Use file arg to log the trace.
<<< Previous | Home | Next >>> |
Paths | samhain |