brouette-0.1-0.10045.5mdv2010.0.i586.rpm

<html>

<head>
<title>Brouette - Event collector for prelude manager</title>
</head>

<body>

<div align="center">
<h1>Brouette<br/>event collector for prelude manager</h1>
</div>
<h2>Introduction</h2>
<table>
<tr>
<td>
<img src="brouette-in-action.png">
</td>
<td>
<b>Brouette</b> is a monitoring tool that captures events from prelude manager using the <a href="https://trac.prelude-ids.org/trac/libprelude/libprelude-prelude-connection-pool.html#prelude-connection-pool-check-event">prelude connection pool event checker</a>.<br/>
Its purpose is to help security managers and/or administrators to see in real time what's going on in their network. It is a desktop oriented application, which uses the <a href="http://www.galago-project.org">notify library</a>.
</td>
</tr>
</table>
<h2>Installation</h2>
Brouette requires a working prelude environment. If nothing is installed yet, the <a href="https://trac.prelude-ids.org/wiki/PreludeHandbook">Prelude Handbook</a> may help.<br/>
Once you have prelude manager up and running, you have to register your sensor. Brouette only needs read access rights.<br/>
<p>
On the brouette side, register it using:
<pre>
prelude-adduser register "brouette" "idmef:r admin:r" 127.0.0.1 --uid desktop_user_uid --gid desktop_user_gid
</pre>
where <b>127.0.0.1</b> is the address on which your manager is listening. Replace <b>desktop_user_uid</b> and <b>desktop_user_gid</b> with your own user id and group id respectively.<br/>
</p>
<p>
On your manager side, please run:
<pre>
prelude-adduser registration-server prelude-manager
</pre>
where <b>prelude-manager</b> is the name of your manager.<br/>
</p>
For detailed information about this procedure, please refer to the <a href="https://trac.prelude-ids.org/wiki/RegisteringASensor">Registering a Sensor</a> section in the Prelude Handbook.
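<p>
The registration step above, as an added shell example that is not part of the Brouette documentation: it resolves the uid and gid of the desktop user and prints the <b>prelude-adduser register</b> command from this page, refusing any permission string other than the read-only one. The function names <b>perms_read_only</b> and <b>brouette_register_cmd</b> are hypothetical helpers introduced here.
</p>

```shell
#!/bin/sh
# Added example (not from the Brouette package): build the registration
# command shown on this page for a given desktop user, and keep the profile
# limited to the read-only rights the page says Brouette needs.

# Succeed only if every entry of a permission string such as
# "idmef:r admin:r" is one of the two read-only entries used on this page.
# Anything else (for example "idmef:w" or "idmef:rw") is rejected.
perms_read_only() {
    [ -n "$1" ] || return 1
    for entry in $1; do
        case "$entry" in
            idmef:r|admin:r) ;;
            *) return 1 ;;
        esac
    done
    return 0
}

# Print the prelude-adduser command for:
#   $1 = desktop user name (assumption: the account that will run brouette)
#   $2 = address on which the manager is listening
#   $3 = permission string (defaults to the one given on this page)
# The command is only printed, never executed.
brouette_register_cmd() {
    user=$1
    manager=$2
    perms=${3:-"idmef:r admin:r"}

    uid=$(id -u "$user" 2>/dev/null) || {
        echo "unknown user: $user" >&2
        return 2
    }
    gid=$(id -g "$user" 2>/dev/null) || return 2

    perms_read_only "$perms" || {
        echo "refusing non read-only permissions: $perms" >&2
        return 3
    }

    printf 'prelude-adduser register "brouette" "%s" %s --uid %s --gid %s\n' \
        "$perms" "$manager" "$uid" "$gid"
}
```

<p>
Calling <b>brouette_register_cmd your_login 127.0.0.1</b> prints the command to review and run on the brouette side.
</p>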
<h2>Usage</h2>
Just run:
<pre>
brouette 127.0.0.1
</pre>
where <b>127.0.0.1</b> is the address on which your manager is listening.<br/>
You can now enjoy being disturbed by any alert event :-) Please tune your IDS to produce less annoying information.
</body>

</html>