Name

snortdb2xml — Retrieve IDS alert event and signature information from an IDS collector Sguil MariaDB database with resulting output in XML format.

Synopsis

snortdb2xml [ -m ENTRY | --mode ENTRY ] [ -u TEXT | --snort-user TEXT ] [ -p TEXT | --snort-passwd TEXT ] [ -s HOSTNAME|IPv4ADDR | --server HOSTNAME|IPv4ADDR ] [ -p PORT | --port PORT ] [ -l [true]|false | --loopback [true]|false ] [ --start-event-time DATE ] [ --end-event-time DATE ] [ --sensor-filter TEXT ] [ --netint-filter TEXT ] [ --annotation TEXT ] [ -d [true]|false | --debug [true]|false ] [ -h [true]|false | --help [true]|false ] [ -H [true]|false | --help-long [true]|false ] [ -v [true]|false | --verbose [true]|false ] [ --version [true]|false ]

Overview

The snortdb2xml script will retrieve IDS Alert Event data and Sensor information from an IDS collector MariaDB database and generate output in XML format. The IDS collector MariaDB database may be located locally or on a remote system.

Options

The following command line options are available:

[-m ENTRY] | [--mode ENTRY]

This option controls what the snortdb2xml script will do. The following modes are available: ("xml-ids", "xml-sensor" and "bash"). If you specify "xml-ids" (the default), this script will retrieve IDS alert event data from an IDS collector Sguil MariaDB database and generate output in XML (Extensible Markup Language) formatted text to standard output (display). If you specify "xml-sensor", this script will retrieve IDS Engine Sensor information from an IDS collector Sguil MariaDB database and generate output in XML formatted text to standard output (display). Specify "bash" to display internal 'Bash' variables specific to snortdb2xml for 'Bash' scripting integration.

[-u TEXT] | [--snort-user TEXT]

This optional parameter allows one to specify an alternative user name for accessing the IDS collector Sguil MariaDB database. The default user name is: "root"

[-p TEXT] | [--snort-passwd TEXT]

Use this optional parameter to specify a Clear Text Password necessary for accessing the IDS collector Sguil MariaDB database. If this option is not used, the password associated with the "NSTCTSNORTPASSWD" configuration entry found in the NST configuration file: "/etc/nst.conf" will be used.

[-s HOSTNAME|IPv4ADDR] | [--server HOSTNAME|IPv4ADDR]

Use this optional parameter to specify the IDS collector Sguil MariaDB database server (IP Address or Host Name). A default value of "127.0.0.1" (localhost) will be used if the server parameter is not specified.

[-p PORT] | [--port PORT]

Use this option to specify the TCP/IP port number to use to connect to the IDS collector Sguil MariaDB database if it is different from the default port value of "3306".

[-l [true]|false] | [--loopback [true]|false]

Use this option for overriding the "--server" value when accessing the MariaDB database. One can still set the "--server" option for linkage back to the NST WUI from within Google Earth when generating a KML document.

[--start-event-time DATE]

Use this optional value to specify the "Start Time" of the first IDS Alert Event to retrieve from the IDS collector Sguil MariaDB database. If this option is omitted, the Unix epoch time (i.e., 1970-01-01 00:00:00) will be used. Use the following formatted date/time string enclosed in double quotes when specifying this option: "YYYY-MM-DD hh:mm:ss" where: YYYY - Year, MM - Month, DD - Day, hh - Hour, mm - Minute and ss - Second.

[--end-event-time DATE]

Use this optional value to specify the "End Time" of the last IDS Alert Event to retrieve from the IDS collector Sguil MariaDB database. If this option is omitted, the current date and time will be used. Use the following formatted date/time string enclosed in double quotes when specifying this option: "YYYY-MM-DD hh:mm:ss" where: YYYY - Year, MM - Month, DD - Day, hh - Hour, mm - Minute and ss - Second.

[--sensor-filter TEXT]

Use this optional parameter to specify an IDS Engine Sensor name filter to be added as a search criterion when retrieving IDS alert events. The "space" and "underscore" characters are interchangeable when specifying the "--sensor-filter" name. Enclose the sensor name filter in double quotes if you choose to use spaces. If this option is used, it is best to match it with the corresponding network interface filter: "--netint-filter" option to correctly identify the "IDS Engine Sensor" with its associated "Network Interface". ***Note: If the "--netint-filter" option is used and this option is not, the First Matched IDS Engine Sensor name will be used in the Sguil MariaDB query selection when retrieving IDS data or information.

[--netint-filter TEXT]

Use this optional parameter to specify an IDS Network Interface filter to be added as a search criterion when retrieving IDS alert events. If this option is used, it is best to match it with the corresponding IDS Engine Sensor name filter: "--sensor-filter" option to correctly identify the "IDS Engine Sensor" with its associated "Network Interface". ***Note: If the "--sensor-filter" option is used and this option is not, the First Matched IDS Network Interface name will be used in the Sguil MariaDB query selection when retrieving IDS data or information.

[--annotation TEXT]

Use this option to add an "Annotation" to the generated IDS XML output. This is used to document the results for historical review and analysis. Enclose the annotation with single or double quotes.

[-d [true]|false] | [--debug [true]|false]

Use this option to enable debug output. This option is mainly used by developers. Output will be switched to table format.

[-h [true]|false] | [--help [true]|false]

When this option is specified, snortdb2xml will display a short one line description of snortdb2xml, followed by a short description of each of the supported command line options. After displaying this information snortdb2xml will terminate.

[-H [true]|false] | [--help-long [true]|false]

This option will attempt to pull up additional snortdb2xml documentation within a text based web browser. You can force which browser is used by setting the environment variable TEXTBROWSER; otherwise, some common ones will be searched for.

[-v [true]|false] | [--verbose [true]|false]

When you set this option to true, snortdb2xml will produce additional output. This is typically used for diagnostic purposes to help track down when things go wrong.

[--version [true]|false]

If this option is specified, the version number of the script is displayed.
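The following wrapper is an added example, not part of NST or the snortdb2xml script itself. It checks the "YYYY-MM-DD hh:mm:ss" time strings before any database query is made, normalises the sensor filter using the space/underscore equivalence described above, and runs a daily xml-ids export with an annotation for historical review; GNU date, the sensor and interface names, and the output path are assumptions.

```sh
#!/bin/sh
# Added example wrapper for snortdb2xml (hypothetical; not shipped with NST).

# Return 0 when $1 has the exact "YYYY-MM-DD hh:mm:ss" shape and is a real
# calendar time. GNU date is assumed; TZ=UTC keeps the round trip free of
# DST gaps, and "2024-02-30" or "25:00:00" are rejected by date itself.
valid_event_time() {
    printf '%s' "$1" | grep -Eq '^[0-9]{4}-[0-9]{2}-[0-9]{2} [0-9]{2}:[0-9]{2}:[0-9]{2}$' || return 1
    [ "$(TZ=UTC date -d "$1" '+%Y-%m-%d %H:%M:%S' 2>/dev/null)" = "$1" ]
}

# Space and underscore are interchangeable in --sensor-filter, so use the
# underscore form: it never needs extra quoting in cron lines or logs.
sensor_filter_name() {
    printf '%s' "$1" | tr ' ' '_'
}

# Export one time window. $1 start, $2 end, $3 sensor name, $4 network
# interface, $5 annotation, $6 output file. Returns 1 before touching the
# database when either timestamp is malformed.
export_ids_window() {
    valid_event_time "$1" || { echo "bad start time: $1" >&2; return 1; }
    valid_event_time "$2" || { echo "bad end time: $2" >&2; return 1; }
    # --loopback true pins the connection to 127.0.0.1; no --snort-passwd is
    # given, so the password comes from NSTCTSNORTPASSWD in /etc/nst.conf and
    # is never visible in the process list.
    snortdb2xml --mode xml-ids --loopback true \
        --start-event-time "$1" --end-event-time "$2" \
        --sensor-filter "$(sensor_filter_name "$3")" --netint-filter "$4" \
        --annotation "$5" > "$6"
}

# Export yesterday's alerts for the given sensor ($1) and interface ($2).
daily_export() {
    day=$(TZ=UTC date -d yesterday '+%Y-%m-%d')
    export_ids_window "$day 00:00:00" "$day 23:59:59" "$1" "$2" \
        "daily export $day" "/var/tmp/ids-alerts-$day.xml"
}

# Example cron line (assumed script path, sensor and interface names):
# 5 0 * * * /usr/local/sbin/ids-daily-export "Example Sensor" eth0
```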

Files

/etc/nst.conf

File containing the IDS collector MariaDB database clear text password that may be used as a default value by this script (See value for configuration entry: 'NSTCTSNORTPASSWD').

/usr/share/snortdb2xml

Directory containing resource files used by snortdb2xml.

Environment

TEXTBROWSER

This controls what text based browser is used to display help information about the script. If not set, we will search your system for available text-based browsers (Ex: elinks, lynx ...).

See Also

nstnewscript(1), Network Security Toolkit