Manual Reference Pages - OODA (8)

NAME

ooda - the shoki event correlator

Synopsis
Description
Options
Files
Authors
Bugs
See Also

SYNOPSIS

ooda [-A dbpass] [-b dbname] [-C conf_file] [-d] [-D chrdir] [-h] [-H dbhost] [-L logfname] [-P pidfile] [-U luser] [-v verbosity]

DESCRIPTION

ooda is a daemon which correlates events output by the other shoki widgets. Among other things, it writes dynamic signatures to the doctrine_filters table of the shoki database, which in turn are used by the dlex(8) widget.
The behaviour of ooda is largely governed by doctrine files. For more information about the format of doctrine files, consult the shoki.doctrine(5) manpage.
More information about the internal functioning of the ooda widget can be found in the ooda(7) manpage.

OPTIONS

-A dbpass Specifies the passwd to use when connecting to the database. This should only be necessary if the database is running on another machine.

-b dbname Specifies the name of the database to connect to.

-C conf_file
Read an alternate config file. By default, /usr/local/shoki/etc/lexer.conf will be used.

-d If specified, ooda will run in the foreground and not fork.

-D chrdir If specified, will do a chroot(2) to chrdir.

-h Display a usage message and exit.

-H dbhost Specifies the name of the database host. If the -H flag is not given, ooda will attempt to connect to the database on a local UNIX socket.

-L logfile
For filter methods that support logging to a file, output will be sent to logfile. Use `-' (without the quotes) for stdout.

-P pidfile
Writes PID of the ooda process to pidfile, which cannot be an existing file.

-U luser If specified, setuid/setgid to specified luser.

-v verbosity
Set the verbosity level to verbose. Exactly what this entails tends to vary from release to release. In general, you won’t want to specify a verbosity level unless you're doing debugging.

FILES

/usr/local/shoki/etc/ooda.conf ooda config file.

AUTHORS

.An Stephen P. Berry <spb@meshuggeneh.net>
More information can be found at the shoki homepage:

BUGS

Check the README at the top of the source tree.

Manual Reference Pages - OODA (8)

NAME

CONTENTS

SYNOPSIS

DESCRIPTION

OPTIONS

FILES

AUTHORS

BUGS

SEE ALSO

-A dbpass	Specifies the passwd to use when connecting to the database. This should only be necessary if the database is running on another machine.
-b dbname	Specifies the name of the database to connect to.
-C conf_file
	Read an alternate config file. By default, `/usr/local/shoki/etc/lexer.conf` will be used.
-d	If specified, ooda will run in the foreground and not fork.
-D chrdir	If specified, will do a chroot(2) to chrdir.
-h	Display a usage message and exit.
-H dbhost	Specifies the name of the database host. If the -H flag is not given, ooda will attempt to connect to the database on a local UNIX socket.
-L logfile
	For filter methods that support logging to a file, output will be sent to logfile. Use `-' (without the quotes) for stdout.
-P pidfile
	Writes PID of the ooda process to pidfile, which cannot be an existing file.
-U luser	If specified, setuid/setgid to specified luser.
-v verbosity
	Set the verbosity level to verbose. Exactly what this entails tends to vary from release to release. In general, you won’t want to specify a verbosity level unless you're doing debugging.