ossec-makelists

The ossec-makelists utility to compile cdb databases. ossec-makelists will scan ossec.conf for database files, check the mtime, and recompile all out of date databases.

See CDB List lookups from within Rules for more information.

ossec-makelists argument options

-c <config>

Run with configuration file of <config>.

Default /var/ossec/etc/ossec.conf

-d

Execute ossec-makelists in debug mode. This option can be used multiple times to increase the verbosity of the debug messages.

-F

Force the rebuild of all configured databases.

-g <group>

Run as <group>.

-h

Display the help message.

-t

Test the configuration.

-u <user>

Run as <user>.

-V

Display the version and license information.

ossec-makelists example usage

Example: Running ossec-makelists and an update is necessary

# /var/ossec/bin/ossec-makelists
 * File lists/blocked.txt.cdb need to be updated

Example: Running ossec-makelists when no update is necessary

# /var/ossec/bin/ossec-makelists
 * File lists/blocked.txt.cdb does not need to be compiled