Security Onion Control Scripts
This appendix lists the scripts used to control and interact with Security Onion services and data. All of these scripts (with the exception of rule-update) are located in the /usr/sbin/ directory and must be run with elevated privileges using the sudo command. While we won’t cover every available option for every script, you can learn more about each one by running it with the --help argument.
High Level Commands
nsm
This script passes options to underlying scripts, such as nsm_server and nsm_sensor. You can use it to check the status of an SO system with this command:
sudo nsm --all --status
nsm_all_del
This script will delete all SO server and ...