{"id":68,"date":"2015-01-07T13:34:30","date_gmt":"2015-01-07T13:34:30","guid":{"rendered":"https:\/\/projects.lsv.ens-paris-saclay.fr\/orchidsdoc\/?page_id=68"},"modified":"2018-01-06T14:58:55","modified_gmt":"2018-01-06T14:58:55","slug":"orchids-conf","status":"publish","type":"page","link":"https:\/\/projects.lsv.ens-paris-saclay.fr\/orchidsdoc\/?page_id=68","title":{"rendered":"orchids.conf"},"content":{"rendered":"<p>The general configuration file of Orchids, <code>orchids.conf<\/code>, is a list of commands, one per line, of the following form.\u00a0 Lines starting with <code>#<\/code> are comments.<\/p>\n<ul>\n<li><code>MaxMemorySize<\/code> <em>n<\/em>: declares the maximum amout of memory that Orchids is allowed to consume while running, as a number <em>n<\/em> of bytes. \u00a0See the <a href=\"https:\/\/projects.lsv.ens-paris-saclay.fr\/orchidsdoc\/?page_id=740\">low memory page<\/a> to understand the purpose of that directive.<\/li>\n<li><code>RainyDayFund<\/code>\u00a0<em>n<\/em>: declares the amount of memory that Orchids will preallocate as a <a href=\"https:\/\/projects.lsv.ens-paris-saclay.fr\/orchidsdoc\/?page_id=740\">rainy day fund<\/a>.<\/li>\n<li><code>ModuleDir<\/code> <em>dir<\/em>: declares that <em>dir<\/em> is the directory where Orchids will find its modules.\u00a0 Typical value is <code>\/usr\/local\/lib\/orchids<\/code> (<code>@@LIBDIR@@\/orchids<\/code> if you look at <code>orchids.conf.dist<\/code> instead of <code>orchids.conf<\/code>).<\/li>\n<li><code>LockFile<\/code> <em>file<\/em>: sets <em>file<\/em> as Orchids lock file. Serves to ensure that at most one Orchids process is running on the system. Default file is <code>@prefix@\/var\/run\/orchids\/orchids.lock<\/code>, where <code>@prefix@<\/code> is typically <code>\/usr\/local<\/code>.<\/li>\n<li><code>RuntimeUser<\/code> <em>user<\/em>: declares that Orchids should run as user <em>user<\/em>. Typical value is <code>nobody<\/code> (<code>@@RUNUSER@@<\/code> if you look at <code>orchids.conf.dist<\/code> instead of <code>orchids.conf<\/code>).<\/li>\n<li><code>Nice<\/code> <em>pri<\/em>: sets the priority of the Orchids process to <em>pri<\/em>.<\/li>\n<li><code>PollPeriod<\/code> <em>secs<\/em>: instructs Orchids that it should poll files every <em>secs<\/em> seconds.\u00a0 Orchids can read events from files or from sockets.\u00a0 Only the first kind requires polling. \u00a0One can specify fractional values for seconds. \u00a0The IDMEF time format is recognized as well.<\/li>\n<li><code>ResolveIP<\/code> <em>opt<\/em>, where <em>opt<\/em> is <code>yes<\/code>, <code>1<\/code>, <code>on<\/code>, <code>true<\/code>, <code>enabled<\/code> (all meaning true), or anything else (meaning false): if enabled, will tell Orchids to print IP addresses by adding the corresponding host name. Good for demos, slow in actual applications. Typical value is <code>no<\/code>.<\/li>\n<li><code>Include<\/code> <em>file<\/em>: include configuration file <em>file<\/em>. Used mainly to include the <a title=\"orchids-modules.conf\" href=\"https:\/\/projects.lsv.ens-paris-saclay.fr\/orchidsdoc\/?page_id=78\"><code>orchids-modules.conf<\/code><\/a>, <code>orchids-rules.conf<\/code>, and <a title=\"orchids-inputs.conf\" href=\"https:\/\/projects.lsv.ens-paris-saclay.fr\/orchidsdoc\/?page_id=145\"><code>orchids-inputs.conf<\/code><\/a> files, as well as <a title=\"Module configuration files\" href=\"https:\/\/projects.lsv.ens-paris-saclay.fr\/orchidsdoc\/?page_id=83\">module-specific<\/a> configuration files. Regexps are legal, e.g.:\n<pre>Include \"@@ETCDIR@@\/orchids\/conf.d\/*.conf\"<\/pre>\n<\/li>\n<\/ul>\n<p>Some other commands are in principle legitimate, too, such as <code>INPUT<\/code> or <code>DISSECT<\/code>, or <code>AddModule<\/code> for example. They are better used in specific included files, such as <a title=\"orchids-inputs.conf\" href=\"https:\/\/projects.lsv.ens-paris-saclay.fr\/orchidsdoc\/?page_id=145\"><code>orchids-inputs.conf<\/code><\/a> for the first two, or <a title=\"orchids-modules.conf\" href=\"https:\/\/projects.lsv.ens-paris-saclay.fr\/orchidsdoc\/?page_id=78\"><code>orchids-modules.conf<\/code><\/a> for the last one. They are documented on the corresponding pages.<\/p>\n<p>Obsolete commands include:<\/p>\n<ul>\n<li><code>AddPreprocessorCmd<\/code> <em>suffix cmd<\/em>: declares that those rule files whose name ends in <em>suffix<\/em> should first be processed by running <em>cmd<\/em> on it. Removed for security reasons.<\/li>\n<li><code>SetPreprocessorCmd<\/code> <em>suffix cmd<\/em>: declares that <code>cmd<\/code> should be the default preprocessor. Removed for security reasons.<\/li>\n<\/ul>\n","protected":false},"excerpt":{"rendered":"<p>The general configuration file of Orchids, orchids.conf, is a list of commands, one per line, of the following form.\u00a0 Lines starting with # are comments. MaxMemorySize n: declares the maximum amout of memory that Orchids is allowed to consume while running, as a number n of bytes. \u00a0See the low memory page to understand the &hellip; <a href=\"https:\/\/projects.lsv.ens-paris-saclay.fr\/orchidsdoc\/?page_id=68\" class=\"more-link\">Continue reading <span class=\"screen-reader-text\">orchids.conf<\/span> <span class=\"meta-nav\">&rarr;<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"parent":0,"menu_order":0,"comment_status":"closed","ping_status":"open","template":"","meta":{"footnotes":""},"class_list":["post-68","page","type-page","status-publish","hentry"],"_links":{"self":[{"href":"https:\/\/projects.lsv.ens-paris-saclay.fr\/orchidsdoc\/index.php?rest_route=\/wp\/v2\/pages\/68","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/projects.lsv.ens-paris-saclay.fr\/orchidsdoc\/index.php?rest_route=\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/projects.lsv.ens-paris-saclay.fr\/orchidsdoc\/index.php?rest_route=\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/projects.lsv.ens-paris-saclay.fr\/orchidsdoc\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/projects.lsv.ens-paris-saclay.fr\/orchidsdoc\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=68"}],"version-history":[{"count":14,"href":"https:\/\/projects.lsv.ens-paris-saclay.fr\/orchidsdoc\/index.php?rest_route=\/wp\/v2\/pages\/68\/revisions"}],"predecessor-version":[{"id":742,"href":"https:\/\/projects.lsv.ens-paris-saclay.fr\/orchidsdoc\/index.php?rest_route=\/wp\/v2\/pages\/68\/revisions\/742"}],"wp:attachment":[{"href":"https:\/\/projects.lsv.ens-paris-saclay.fr\/orchidsdoc\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=68"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}