prelude-manager(1)          General Commands Manual         prelude-manager(1)

NAME

       prelude-manager - Collects and normalizes events.

SYNOPSIS

       prelude-manager [options]

DESCRIPTION

       Prelude Manager is a high-availability server which can collect,
       filter, relay, reverse-relay, normalize and store events. Events can
       come from registered analyzers and/or managers. The common usage is
       to store normalized events in a database, but this can be extended to
       store information in plain text or XML files.

OPTIONS

       Some prelude-manager options are contextual: they have to be prefixed
       by another option.

       --prelude Prelude generic options

       --profile=<name> Profile to use for this analyzer

       --heartbeat-interval=<interval> Number of seconds between two
       heartbeats

       --server-addr=<address> Address this sensor should report to
       (addr:port)

       --analyzer-name=<name> Name for this analyzer


       --db=<INAME>
            Options for the libpreludedb plugin

            -t, --type=<type> Type of database (mysql/pgsql/sqlite3)

            -l, --log=<file name> Log all queries to a file; should only be
            used for debugging purposes

            -h, --host=<address> The host where the database server is running
            (in case of client/server database)

            -f, --file=<file name> The file where the database is stored (in
            case of file based database)

            -p, --port=<port number> The port where the database server is
            listening (in case of client/server database)

            -d, --name=<name> The name of the database where the alerts will
            be stored

            -u, --user=<user> User of the database (in case of client/server
            database)

            -P, --pass=<password> Password for the user (in case of
            client/server database)


       --debug=<INAME>
            Option for the debug plugin

            -o, --object=<name> Name of IDMEF object to print (no object
            provided will print the entire message)

            -l, --logfile=<file name> Specify output file to use (defaults to
            stdout)


       --relaying=<INAME>
            Relaying plugin option

            -p, --parent-managers=<address> List of manager address:port pairs
            where messages should be sent


       --textmod=<INAME>
            Option for the textmod plugin

            -l, --logfile=<file name> Specify logfile to use


       --xmlmod=<INAME>
            Option for the xmlmod plugin

            -l, --logfile=<file name> Specify output file to use

            -v, --validate=<xml> Validate IDMEF XML output against DTD

            -f, --format=<format> Format XML output so that it is readable

            -d, --disable-buffering=<boolean> Disable output file buffering to
            prevent truncated tags

            --idmef-criteria-filter=<INAME> Filter message based on IDMEF
            criteria

            -r, --rule=<rule> Filter rule, or filename containing rule

            --hook=<value> Where the filter should be hooked
            (reporting|reverse-relaying|plugin name)


       --config=<file name>
            Configuration file to use

       -v, --version
            Print version number

       -D, --debug-level=<level>
            Run in debug mode

       -d, --daemon
            Run in daemon mode

       -P, --pidfile=<file name>
            Write Prelude PID to pidfile

       -c, --child-managers=<address>
            List of manager address:port pairs where messages should be
            gathered from

       -l, --listen=<address>
            Address the sensors server should listen on (addr:port)

       -f, --failover=<boolean>
            Enable failover for specified report plugin

       -h, --help
            Print help

FILES

       /etc/prelude/prelude-manager.conf - the configuration file

BUGS

       This man page has not been proofread yet.

SEE ALSO

       prelude-adduser(1)

                                                            prelude-manager(1)