Index

Symbols

-a agent_control command line option clear_stats command line option manage_agents command line option ospatrol-logtest command line option syscheck_update command line option -A <agent_name> agent-auth command line option -c manage_agents command line option -c <config> ospatrol-agentd command line option ospatrol-analysisd command line option ospatrol-csyslogd command line option ospatrol-dbd command line option ospatrol-execd command line option ospatrol-logcollector command line option ospatrol-logtest command line option ospatrol-maild command line option ospatrol-makelists command line option ospatrol-monitord command line option ospatrol-remoted command line option ospatrol-syscheckd command line option -D agent-auth command line option -d clear_stats command line option ospatrol-agentd command line option ospatrol-analysisd command line option ospatrol-authd command line option ospatrol-csyslogd command line option ospatrol-dbd command line option ospatrol-execd command line option ospatrol-logcollector command line option ospatrol-logtest command line option ospatrol-maild command line option ospatrol-makelists command line option ospatrol-monitord command line option ospatrol-remoted command line option ospatrol-syscheckd command line option syscheck_control command line option -D <dir> ospatrol-agentd command line option ospatrol-analysisd command line option ospatrol-csyslogd command line option ospatrol-dbd command line option ospatrol-execd command line option ospatrol-logcollector command line option ospatrol-logtest command line option ospatrol-maild command line option ospatrol-makelists command line option ospatrol-monitord command line option ospatrol-remoted command line option ospatrol-syscheckd command line option -e <agent_id> manage_agents command line option -f ospatrol-agentd command line option ospatrol-csyslogd command line option ospatrol-dbd command line option ospatrol-execd command line option ospatrol-logcollector command line option ospatrol-maild command line option ospatrol-makelists command line option ospatrol-monitord command line option ospatrol-syscheckd command line option -f <file> manage_agents command line option -f <file> syscheck_control command line option -f <filter> <value> ospatrol-reportd command line option -g <group> ospatrol-agentd command line option ospatrol-csyslogd command line option ospatrol-dbd command line option ospatrol-logtest command line option ospatrol-maild command line option ospatrol-makelists command line option ospatrol-monitord command line option ospatrol-remoted command line option -h agent-auth command line option agent_control command line option clear_stats command line option manage_agents command line option, [1] ospatrol-agentd command line option ospatrol-analysisd command line option ospatrol-csyslogd command line option ospatrol-dbd command line option ospatrol-execd command line option ospatrol-logcollector command line option ospatrol-logtest command line option ospatrol-maild command line option ospatrol-makelists command line option ospatrol-monitord command line option ospatrol-remoted command line option ospatrol-reportd command line option ospatrol-syscheckd command line option rootcheck_control command line option syscheck_control command line option syscheck_update command line option -i ospatrol-authd command line option -i <agent_id> agent_control command line option rootcheck_control command line option syscheck_control command line option -i <key> manage_agents command line option -L rootcheck_control command line option -l agent_control command line option manage_agents command line option rootcheck_control command line option syscheck_control command line option syscheck_update command line option -lc agent_control command line option rootcheck_control command line option syscheck_control command line option

-m <manager_ip> agent-auth command line option -n manage_agents command line option -n <string> ospatrol-reportd command line option -p <port> agent-auth command line option ospatrol-authd command line option -q rootcheck_control command line option -r agent_control command line option rootcheck_control command line option -r -i syscheck_control command line option -R <agent_id> agent_control command line option -r <filter> <value> ospatrol-reportd command line option -s ospatrol-reportd command line option rootcheck_control command line option syscheck_control command line option -t ospatrol-agentd command line option ospatrol-analysisd command line option ospatrol-csyslogd command line option ospatrol-dbd command line option ospatrol-execd command line option ospatrol-logcollector command line option ospatrol-logtest command line option ospatrol-maild command line option ospatrol-monitord command line option ospatrol-remoted command line option ospatrol-syscheckd command line option -u <agent_id> agent_control command line option syscheck_control command line option syscheck_update command line option -u <id> rootcheck_control command line option -u <user> ospatrol-agentd command line option ospatrol-csyslogd command line option ospatrol-dbd command line option ospatrol-logtest command line option ospatrol-maild command line option ospatrol-makelists command line option ospatrol-monitord command line option ospatrol-remoted command line option -u all rootcheck_control command line option syscheck_control command line option -u local syscheck_update command line option -V manage_agents command line option ospatrol-agentd command line option ospatrol-analysisd command line option ospatrol-csyslogd command line option ospatrol-dbd command line option ospatrol-execd command line option ospatrol-logcollector command line option ospatrol-logtest command line option ospatrol-maild command line option ospatrol-makelists command line option ospatrol-monitord command line option ospatrol-remoted command line option ospatrol-syscheckd command line option -v ospatrol-logtest command line option -w clear_stats command line option -z syscheck_control command line option

A

active-response agent-auth command line option -A <agent_name> -D -h -m <manager_ip> -p <port> agent.debug agent_config agent_config_options agent_control command line option -R <agent_id> -a -h -i <agent_id> -l -lc -r -u <agent_id> agent_id agentless, [1] alerts alias, [1]

allowed-ips analysisd.debug analysisd.default_timeframe analysisd.fts_list_size analysisd.fts_min_size_for_str analysisd.log_fw analysisd.stats_maxdiff analysisd.stats_mindiff analysisd.stats_percent_diff arguments, [1]

B

base_directory

C

categories category check_dev check_diff, [1], [2] check_files check_if check_pids check_policy check_ports check_sys

check_trojans check_unixaudit check_winapps check_winaudit check_winmalware clear_stats command line option -a -d -h -w command, [1], [2], [3] connection custom_alert_output

D

database database_output dbd.reconnect_attempts decoded_as decoder, [1] decoder.fts decoder.ftscomment decoder.order decoder.parent decoder.prematch

decoder.program_name decoder.regex decoder_dir deny-ips description disabled, [1] do_not_delay do_not_group dstip

E

email_alert_level email_alerts email_from email_maxperhour email_notification

email_to, [1], [2] event_location executable expect

F

format, [1]

frequency, [1], [2], [3], [4]

G

geoip_db_path global

group, [1], [2], [3]

H

HIDS host, [1]

host_infomation hostname, [1]

I

id if_group if_level if_matched_group if_matched_level

if_matched_sid if_sid include info ipv6

L

level, [1], [2], [3] LIDS list, [1] local_ip localfile, [1] location, [1], [2], [3], [4]

log_alert_level log_format, [1] logall logcollector.loop_timeout logcollector.open_attempts logcollector.remote_commands=0

M

maild.full_subject maild.geoip maild.groupping maild.strict_checking manage_agents command line option -V -a -c -e <agent_id> -f <file> -h, [1] -i <key> -l -n match

memory_size monitord.compress monitord.day_wait monitord.monitor_agents monitord.sign

N

name, [1]

notify_time

O

options os ospatrol-agentd command line option -D <dir> -V -c <config> -d -f -g <group> -h -t -u <user> ospatrol-analysisd command line option -D <dir> -V -c <config> -d -h -t ospatrol-authd command line option -d -i -p <port> ospatrol-csyslogd command line option -D <dir> -V -c <config> -d -f -g <group> -h -t -u <user> ospatrol-dbd command line option -D <dir> -V -c <config> -d -f -g <group> -h -t -u <user> ospatrol-execd command line option -D <dir> -V -c <config> -d -f -h -t

ospatrol-logcollector command line option -D <dir> -V -c <config> -d -f -h -t ospatrol-logtest command line option -D <dir> -V -a -c <config> -d -g <group> -h -t -u <user> -v ospatrol-maild command line option -D <dir> -V -c <config> -d -f -g <group> -h -t -u <user> ospatrol-makelists command line option -D <dir> -V -c <config> -d -f -g <group> -h -u <user> ospatrol-monitord command line option -D <dir> -V -c <config> -d -f -g <group> -h -t -u <user> ospatrol-remoted command line option -D <dir> -V -c <config> -d -g <group> -h -t -u <user> ospatrol-reportd command line option -f <filter> <value> -h -n <string> -r <filter> <value> -s ospatrol-syscheckd command line option -D <dir> -V -c <config> -d -f -h -t

P

password picviz_output picviz_socket port, [1], [2]

prelude_output profile program_name protocol

R

regex remote remoted.comp_average_printout remoted.debug remoted.recv_counter_flush remoted.verify_msg_id repeated_offenders reports

rootcheck_control command line option -L -h -i <agent_id> -l -lc -q -r -s -u <id> -u all rootkit_files rootkit_trojans rule, [1], [2] rule_dir rule_id, [1] rules_group rules_id

S

same_dst_port same_location same_source_ip same_source_port scanall server server-hostname server-ip, [1] showlogs smtp_server

srcip, [1] state, [1] stats syscheck.sleep syscheck.sleep_after syscheck_control command line option -d -f <file> -h -i <agent_id> -l -lc -r -i -s -u <agent_id> -u all -z syscheck_update command line option -a -h -l -u <agent_id> -u local syslog_output system_audit

T

time timeout timeout_allowed

title type

U

url use_geoip

user, [1] username

W

weekday white_list windows.debug

windows_apps windows_audit windows_malware