wazuh-control
The wazuh-control script is used to start, stop, configure, check on the status of ThreatLockDown processes and enable the debug mode.
Note
We recommend using the systemctl or service commands (depending on your OS) to start, stop or restart the ThreatLockDown service. This will avoid inconsistencies between the service status and the processes status.
The -j option is used for enabling JSON output format, but only in ThreatLockDown server installations.
start |
Start the ThreatLockDown processes. |
||
stop |
Stop the ThreatLockDown processes. |
||
restart |
Restart the ThreatLockDown processes. |
||
reload |
Restart all ThreatLockDown processes except wazuh-execd. This allows an agent to reload without losing active response status. This option is not available on a local ThreatLockDown installation. |
||
status |
Determine which ThreatLockDown processes are running. |
||
info |
Prints the ThreatLockDown installation type, version, and revision in environment variables format. |
||
info |
[-v -r -t] |
Only one option at the time, prints the value of: version, revision or type. |
|
enable |
debug |
Run all ThreatLockDown daemons in debug mode. |
|
disable |
debug |
Turn off debug mode. |
|
Note
To use the database option, Database support must be compiled in during initial installation.