-
Notifications
You must be signed in to change notification settings - Fork 8
Usage
Tor Johnson edited this page Jun 9, 2014
·
1 revision
$ megatron.sh --help
_______ _______ ______ _______ _______ ______ _____ __ _
| | | |______ | ____ |_____| | |_____/ | | | \ |
| | | |______ |_____| | | | | \_ |_____| | \_|
Usage: megatron.sh [options] logfiles(s)
Options:
-v, --version Print application version and exit.
-h, --help Print this help message.
-s, --slurp Process files in the slurp directory.
-l, --list-jobs List processed log jobs. No. of days may be specified.
-w, --whois Print whois report for specified IPs or hostnames.
-e, --export Export log records to file.
-d, --delete Delete job including log records.
-D, --delete-all Delete job plus mail jobs.
-j, --job Specifies job, e.g. 'shadowserver-drone_2009-06-22_084510'.
-t, --job-type Specifies job type for input files, e.g. 'shadowserver-drone'.
-o, --output-dir Specifies directory for export files.
-i, --id Specifies RTIR id.
-p, --prio Specifies priority for log records to be emailed or exported.
-P, --list-prios List priorities.
-I, --job-info Print info about specified log job.
-n, --no-db Skip writes to the database.
-S, --stdout Writes to stdout instead of export file.
-1, --mail-dry-run Create a mail report but does not send any mail.
-2, --mail-dry-run2 As '--mail-dry-run' but more verbose.
-m, --mail Send mails for a job.
-b, --use-org2 Use secondary organization when mailing.
Admin Options:
--import-contacts Import organizations to the database.
--import-bgp Import BGP dump file (specified in config).
--update-netname Update netname field from whois queries.
--add-addresses Add email addresses listed in specified file.
--delete-addresses Delete email addresses listed in specified file.
--create-rss Create RSS with Megatron statistics.
--create-reports Create report files (json, xml, html, etc.).
--create-report Run a specific report.
--ui-org Administration of organizations (command line interface).
Examples:
Process file and save result in the database:
megatron.sh --job-type shadowserver-drone 2009-06-22-drone-report-se.csv
Preview of mail to be sent:
megatron.sh --job shadowserver-drone_2009-06-22_160142 --id 4242 --mail-dry-run
Send mails for the job:
megatron.sh --job shadowserver-drone_2009-06-22_160142 --id 4242 --mail
As above, but sends only to organizations with a prio of 50 or above:
megatron.sh --job shadowserver-drone_2009-06-22_160142 --id 4242 --prio 50 --mail
Display information, e.g. high priority organizations, about specified job:
megatron.sh --job-info shadowserver-drone_2009-06-15_124508
Delete specified job:
megatron.sh --delete shadowserver-drone_2009-06-15_124508
Display log jobs created the last 4 days:
megatron.sh --list-jobs 4
Process files and exports them to a different format:
megatron.sh --export --job-type whois-cymru-verbose --no-db file1.txt file2.txt
Add email addresses listed in file to the database:
megatron.sh --add-addresses new-addresses.txt
Start admin-UI for organizations, IP-blocks, ASNs, and domain names:
megatron.sh --ui-org
Print whois report for specified IPs (hostnames or URLs will also work):
megatron.sh --whois 192.121.218.90 1.1.1.1 2.2.2.2 8.8.8.8
Print whois report for specified file with IPs, hostnames, or URLs:
megatron.sh --whois infected.txt
Run the organization report (emails an abuse-report to selected organizations):
megatron.sh --create-report se.sitic.megatron.report.OrganizationReportGenerator
Process files in the slurp directory and exports them to a different format:
megatron.sh --slurp --no-db --export
Process files in the slurp directory and save result in the database:
megatron.sh --slurp