source command in shell script

다음은 /root/.bashrc 내역.

  1 # .bashrc
  2
  3 # User specific aliases and functions
  4
  5 alias rm='rm -i'
  6 alias cp='cp -i'
  7 alias mv='mv -i'
  8 alias vi=vim
  9

SplunkForwarder v9

포워더 버전 8 설치.

[root@Centos7 ~]# rpm -ivh splunkforwarder-8.2.5-77015bc7a462-linux-2.6-x86_64.rpm
warning: splunkforwarder-8.2.5-77015bc7a462-linux-2.6-x86_64.rpm: Header V4 RSA/SHA512 Signature, key ID b3cd4420: NOKEY
Preparing...                          ################################# [100%]
useradd: cannot create directory /opt/splunkforwarder
Updating / installing...
   1:splunkforwarder-8.2.5-77015bc7a46################################# [100%]
complete

Snort unified2 problem

Snort는 크게 두 가지 방식의 탐지로그 출력을 지원한다. A 옵션을 이용한 경고와 패킷 로그 분리,

[root@Centos7 ~]# snort --help

   ,,_     -*> Snort! <*-
  o"  )~   Version 2.9.20 GRE (Build 82)
   ''''    By Martin Roesch & The Snort Team: http://www.snort.org/contact#team
           Copyright (C) 2014-2022 Cisco and/or its affiliates. All rights reserved.
           Copyright (C) 1998-2013 Sourcefire, Inc., et al.
           Using libpcap version 1.5.3
           Using PCRE version: 8.32 2012-11-30
           Using ZLIB version: 1.2.7

간만에 Snort(union table)

다음은 Snort 스키마 일부.