prelude-correlator_1.0.0-1.1_all.deb


Description

prelude-correlator - Security Information Management System [ Correlator ]

Distribution: Ubuntu 16.04 LTS (Xenial Xerus)
Repository: Ubuntu Universe amd64
Package name: prelude-correlator
Package version: 1.0.0
Package release: 1.1
Package architecture: all
Package type: deb
Installed size: 629 B
Download size: 132.24 KB
Official Mirror: archive.ubuntu.com
Prelude is a Universal "Security Information Management" (SIM) system. Prelude collects, normalizes, sorts, aggregates, correlates and reports all security-related events independently of the source or event.

This package provides the Prelude Correlator, which is a powerful correlation engine using Python to write correlation rules. The features currently include:

 * Rapid identification of important security events, enabling the analyst to assign task priorities
 * Alert correlation originating from heterogeneous sensors deployed on the whole infrastructure
 * Real-time analysis of events received by the Prelude Manager

Alternatives

    Download

    Source package: prelude-correlator

    Install Howto

    1. Update the package index:
      $ sudo apt-get update
    2. Install prelude-correlator deb package:
      $ sudo apt-get install prelude-correlator

    Files

    • /etc/default/prelude-correlator
    • /etc/init.d/prelude-correlator
    • /etc/prelude-correlator/prelude-correlator.conf
    • /usr/bin/prelude-correlator
    • /usr/lib/python2.7/dist-packages/PreludeCorrelator/__init__.py
    • /usr/lib/python2.7/dist-packages/PreludeCorrelator/config.py
    • /usr/lib/python2.7/dist-packages/PreludeCorrelator/context.py
    • /usr/lib/python2.7/dist-packages/PreludeCorrelator/idmef.py
    • /usr/lib/python2.7/dist-packages/PreludeCorrelator/log.py
    • /usr/lib/python2.7/dist-packages/PreludeCorrelator/main.py
    • /usr/lib/python2.7/dist-packages/PreludeCorrelator/pluginmanager.py
    • /usr/lib/python2.7/dist-packages/PreludeCorrelator/require.py
    • /usr/lib/python2.7/dist-packages/PreludeCorrelator/siteconfig.py
    • /usr/lib/python2.7/dist-packages/PreludeCorrelator/utils.py
    • /usr/lib/python2.7/dist-packages/PreludeCorrelator/plugins/__init__.py
    • /usr/lib/python2.7/dist-packages/PreludeCorrelator/plugins/bruteforce.py
    • /usr/lib/python2.7/dist-packages/PreludeCorrelator/plugins/businesshour.py
    • /usr/lib/python2.7/dist-packages/PreludeCorrelator/plugins/dshield.py
    • /usr/lib/python2.7/dist-packages/PreludeCorrelator/plugins/firewall.py
    • /usr/lib/python2.7/dist-packages/PreludeCorrelator/plugins/opensshauth.py
    • /usr/lib/python2.7/dist-packages/PreludeCorrelator/plugins/scan.py
    • /usr/lib/python2.7/dist-packages/PreludeCorrelator/plugins/spamhausdrop.py
    • /usr/lib/python2.7/dist-packages/PreludeCorrelator/plugins/worm.py
    • /usr/lib/python2.7/dist-packages/prelude_correlator-1.0.0.egg-info/PKG-INFO
    • /usr/lib/python2.7/dist-packages/prelude_correlator-1.0.0.egg-info/dependency_links.txt
    • /usr/lib/python2.7/dist-packages/prelude_correlator-1.0.0.egg-info/entry_points.txt
    • /usr/lib/python2.7/dist-packages/prelude_correlator-1.0.0.egg-info/not-zip-safe
    • /usr/lib/python2.7/dist-packages/prelude_correlator-1.0.0.egg-info/top_level.txt
    • /usr/share/doc/prelude-correlator/NEWS.gz
    • /usr/share/doc/prelude-correlator/README
    • /usr/share/doc/prelude-correlator/README.Debian
    • /usr/share/doc/prelude-correlator/changelog.Debian.gz
    • /usr/share/doc/prelude-correlator/copyright
    • /usr/share/doc/prelude-correlator/examples/sample-plugin/setup.py
    • /usr/share/doc/prelude-correlator/examples/sample-plugin/myplugin/__init__.py
    • /usr/share/doc/prelude-correlator/examples/sample-plugin/myplugin/main.py
    • /var/lib/prelude-correlator/dshield.dat
    • /var/lib/prelude-correlator/spamhaus_drop.dat

    Changelog

    2015-09-28 - Ross Gammon <rossgammon@mail.dk>
    prelude-correlator (1.0.0-1.1) unstable; urgency=medium
      * Non-maintainer upload.
      * Port from python-support to dh-python (Closes: #786006)
      * Replace pyversions with X-Python-Version

    2010-03-18 - Pierre Chifflier <pollux@debian.org>
    prelude-correlator (1.0.0-1) unstable; urgency=low
      * Imported Upstream version 1.0.0
      * Fix watch file
      * Install sample plugin in /usr/share/doc

    2010-03-08 - Pierre Chifflier <pollux@debian.org>
    prelude-correlator (1.0.0~rc4-1) unstable; urgency=low
      * Imported Upstream version 1.0.0rc4
      * Update watch file
      * Use --install-layout=deb option to setup.py install
      * Install example plugin in /usr/share/doc

    2010-02-04 - Pierre Chifflier <pollux@debian.org>
    prelude-correlator (1.0.0~rc2-1) unstable; urgency=low
      * New upstream release
      * Bump standards version to 3.8.4

    2009-11-23 - Pierre Chifflier <pollux@debian.org>
    prelude-correlator (0.9.0~beta8-2) unstable; urgency=low
      * Fix paths in setupconfig.py
      * Use recursive chown on /var/lib/prelude-correlator to also change the .dat files

    2009-11-13 - Pierre Chifflier <pollux@debian.org>
    prelude-correlator (0.9.0~beta8-1) unstable; urgency=low
      * New upstream release
      * Lower setuptools requirement, not useful

    2009-11-02 - Pierre Chifflier <pollux@debian.org>
    prelude-correlator (0.9.0~beta7-1) unstable; urgency=low
      * New upstream release:
        - New SpamhausDrop plugin
        - Python 2.4 backward compatibility fixes
        - Handle plugin loading error gracefully
        - Improve WormPlugin accuracy
        - Dshield CorrelationAlert now handles multiple events

    2009-09-10 - Pierre Chifflier <pollux@debian.org>
    prelude-correlator (0.9.0~beta6-2) unstable; urgency=high
      * Add dependency on python-pkg-resources (Closes: #544561)
      * Urgency high, serious bug
      * Bump standards version to 3.8.3 (no changes)

    2009-07-11 - Pierre Chifflier <pollux@debian.org>
    prelude-correlator (0.9.0~beta6-1) unstable; urgency=low
      * New Upstream Version

    2009-06-19 - Pierre Chifflier <pollux@debian.org>
    prelude-correlator (0.9.0~beta5-1) unstable; urgency=low
      * New upstream release
        - Prelude Correlator has switched to Python, see http://lists.prelude-ids.org/pipermail/prelude-user/2009-April/005163.html for the explanation.
        - Support DShield <http://www.dshield.org/> correlation
      * Switch package to architecture-independent
      * Use python-support
      * Bump standards version to 3.8.2 (no changes)
