2.  samhain

  1. -t <arg>, --set-checksum-test=<arg> Set file checking to init, update, or check. Use init to create the database, update to update it, and check to check files against the database.


    Yes, it is normal that update takes much more time than init.

  2. -i, --interactive Use interactive mode for update(ask before updating an entry).

  3. --listfile=<path> Use a text file comprising a list of files to update(one file per line).

  4. -e <arg>, --set-export-severity=<arg> Set the severity threshold for forwarding messages to the log server. arg may be one of none, debug, info, notice, warn, mark, err, crit, alert .

  5. -r <arg>, --recursion=<arg> Set the default recursion level for directories (0 -- 99).

  6. --init2stdout Write the database to stdout when performing the initialization.