Name: prelude-manager
Version: 5.2.0
Release: %mkrel 4
Summary: Prelude SIEM Manager
License: GPLv2+
Group: System/Servers
URL: https://www.prelude-siem.org/
Source0: https://www.prelude-siem.org/pkg/src/%{version}/%{name}-%{version}.tar.gz
Source1: %{name}.service
Source2: %{name}-tmpfiles.conf
BuildRequires: pkgconfig(gnutls)
BuildRequires: pkgconfig(libmaxminddb)
BuildRequires: pkgconfig(libprelude) >= %{version}
BuildRequires: pkgconfig(libxml-2.0)
#BuildRequires: pkgconfig(netsnmp)
BuildRequires: preludedb-devel >= %{version}
BuildRequires: tcp_wrappers-devel
Requires: prelude-tools
Requires: tcp_wrappers
Requires(post): systemd >= %{systemd_required_version}
Requires(post): rpm-helper
Requires(postun): rpm-helper
Requires(pre): rpm-helper
Requires(preun): rpm-helper
Obsoletes: prelude-doc <= %{version}-%{release}
Obsoletes: prelude < %{version}-%{release}
Provides: prelude = %{version}-%{release}
%description
Prelude Manager is the main program of the Prelude SIEM
suite. It is a multithreaded server which handles connections from
the Prelude sensors. It is able to register local or remote
sensors, let the operator configure them remotely, receive alerts,
and store alerts in a database or any format supported by
reporting plugins, thus providing centralized logging and
analysis. The IDMEF standard is used for alert representation.
Support for filtering plugins allows you to hook in different
places in the Manager to define custom criteria for alert relaying
and logging.
%package db-plugin
Summary: Database report plugin for Prelude SIEM Manager
Group: System/Servers
Requires: %{name} = %{version}-%{release}
%description db-plugin
Prelude Manager is the main program of the Prelude SIEM
suite. It is a multithreaded server which handles connections from
the Prelude sensors. It is able to register local or remote
sensors, let the operator configure them remotely, receive alerts,
and store alerts in a database or any format supported by
reporting plugins, thus providing centralized logging and
analysis. The IDMEF standard is used for alert representation.
Support for filtering plugins allows you to hook in different
places in the Manager to define custom criteria for alert relaying
and logging.
This plugin authorize prelude-manager to write to database
%package xml-plugin
Summary: XML report plugin for Prelude SIEM Manager
Group: System/Servers
Requires: %{name} = %{version}-%{release}
%description xml-plugin
Prelude Manager is the main program of the Prelude SIEM
suite. It is a multithreaded server which handles connections from
the Prelude sensors. It is able to register local or remote
sensors, let the operator configure them remotely, receive alerts,
and store alerts in a database or any format supported by
reporting plugins, thus providing centralized logging and
analysis. The IDMEF standard is used for alert representation.
Support for filtering plugins allows you to hook in different
places in the Manager to define custom criteria for alert relaying
and logging.
This plugin adds XML logging capabilities to the Prelude SIEM
Manager.
%package devel
Summary: Libraries, includes, etc. to develop Prelude SIEM Manager plugins
Group: Development/C
Requires: %{name} = %{version}-%{release}
Requires: %{name}-db-plugin = %{version}-%{release}
Requires: %{name}-xml-plugin = %{version}-%{release}
%description devel
Prelude Manager is the main program of the Prelude SIEM
suite. It is a multithreaded server which handles connections from
the Prelude sensors. It is able to register local or remote
sensors, let the operator configure them remotely, receive alerts,
and store alerts in a database or any format supported by
reporting plugins, thus providing centralized logging and
analysis. The IDMEF standard is used for alert representation.
Support for filtering plugins allows you to hook in different
places in the Manager to define custom criteria for alert relaying
and logging.
Install this package if you want to build Prelude SIEM Manager
Plugins.
%prep
%setup -q
%build
%configure \
--disable-static \
--enable-shared \
--enable-libmaxminddb \
--disable-snmp
%make_build
%install
%make_install
find %{buildroot} -name '*.la' -delete
%{__mkdir_p} %{buildroot}%{_localstatedir}/lib/%{name}
%{__mkdir_p} %{buildroot}%{_sysconfdir}/prelude/profile/%{name}
%{__mkdir_p} %{buildroot}%{_var}/spool/%{name}/scheduler
%{__mkdir_p} %{buildroot}%{_sbindir}
%{__mv} %{buildroot}%{_bindir}/%{name} %{buildroot}%{_sbindir}/%{name}
# install init script
%{__install} -D -p -m 0644 %{SOURCE1} %{buildroot}%{_unitdir}/%{name}.service
# tmpfiles
%{__install} -D -p -m 0644 %{SOURCE2} %{buildroot}%{_tmpfilesdir}/%{name}.conf
# fix logrotate stuff
%{__mkdir_p} %{buildroot}%{_sysconfdir}/logrotate.d
%{__cat} > %{buildroot}%{_sysconfdir}/logrotate.d/%{name} << EOF
%{_logdir}/%{name}/prelude.log %{_logdir}/%{name}/prelude-xml.log {
missingok
postrotate
[ -f %{_var}/lock/subsys/%{name} ] && %{_initrddir}/%{name} restart
endscript
}
EOF
# make the logdir
%{__mkdir_p} %{buildroot}%{_logdir}/%{name}
/bin/touch %{buildroot}%{_logdir}/%{name}/prelude.log
/bin/touch %{buildroot}%{_logdir}/%{name}/prelude-xml.log
# fix a README.urpmi
%{__cat} > README.urpmi << EOF
If you want database support (required for prewikka),
you should install a preludedb package such as preludedb-mysql and
then do something like the following:
%{_bindir}/mysqladmin create prelude
echo "GRANT ALL PRIVILEGES ON prelude.* TO prelude@'localhost' IDENTIFIED BY 'prelude';" | %{_bindir}/mysql -h localhost
%{_bindir}/mysql -h localhost -u prelude prelude -p < %{_datadir}/libpreludedb/classic/mysql.sql
%{_bindir}/mysql -h localhost -u prelude prelude -p < %{_datadir}/libpreludedb/classic/addIndices.sql
EOF
%post
%_tmpfilescreate %{name}
%create_ghostfile %{_logdir}/prelude-manager/prelude.log prelude-manager prelude-manager 640
%create_ghostfile %{_logdir}/prelude-manager/prelude-xml.log prelude-manager prelude-manager 640
[ ! -f %{_sysconfdir}/prelude/profile/%{name}/analyzerid ] && [ -x %{_bindir}/prelude-adduser ] && \
%{_bindir}/prelude-adduser add prelude-manager --uid `%{__id} -u prelude-manager` --gid `%{__id} -g prelude-manager` >/dev/null 2>&1 || :
%_post_service %{name}
%preun
%_preun_service %{name}
%pre
%_pre_useradd prelude-manager %{_localstatedir}/lib/%{name} /bin/false
%postun
%_postun_userdel prelude-manager
%files
%doc AUTHORS COPYING ChangeLog HACKING.README NEWS README README.urpmi
%doc %{_docdir}/%{name}/smtp/template.example
%{_unitdir}/%{name}.service
%attr(0755,root,root) %{_sbindir}/%{name}
%dir %{_libdir}/%{name}
%dir %{_libdir}/%{name}/decodes
%dir %{_libdir}/%{name}/filters
%dir %{_libdir}/%{name}/reports
%attr(0755,root,root) %{_libdir}/%{name}/filters/idmef-criteria.so
%attr(0755,root,root) %{_libdir}/%{name}/filters/thresholding.so
%attr(0755,root,root) %{_libdir}/%{name}/reports/debug.so
%attr(0755,root,root) %{_libdir}/%{name}/reports/relaying.so
%attr(0755,root,root) %{_libdir}/%{name}/reports/script.so
%attr(0755,root,root) %{_libdir}/%{name}/reports/smtp.so
%attr(0755,root,root) %{_libdir}/%{name}/reports/textmod.so
%attr(0755,root,root) %{_libdir}/%{name}/decodes/normalize.so
%attr(0750,prelude-manager,prelude-manager) %dir %{_var}/spool/%{name}
%attr(0750,prelude-manager,prelude-manager) %dir %{_var}/spool/%{name}/scheduler
%dir %attr(0750,prelude-manager,prelude-manager) %{_logdir}/%{name}
%{_tmpfilesdir}/%{name}.conf
%ghost %attr(0640,prelude-manager,prelude-manager) %{_logdir}/%{name}/prelude.log
%ghost %attr(0640,prelude-manager,prelude-manager) %{_logdir}/%{name}/prelude-xml.log
%dir %attr(0750,prelude-manager,prelude-manager) %{_localstatedir}/lib/%{name}
%dir %attr(0750,prelude-manager,prelude-manager) %{_sysconfdir}/prelude/profile/%{name}
%dir %{_sysconfdir}/%{name}
%attr(0640,root,prelude-manager) %config(noreplace) %{_sysconfdir}/%{name}/*.conf
%config(noreplace) %{_sysconfdir}/logrotate.d/%{name}
%{_mandir}/man1/%{name}.1*
%files db-plugin
%{_libdir}/%{name}/reports/db.so
%files xml-plugin
%{_libdir}/%{name}/reports/xmlmod.so
%{_datadir}/%{name}/xmlmod/idmef-message.dtd
%dir %{_datadir}/%{name}/
%dir %{_datadir}/%{name}/xmlmod
%files devel
%doc AUTHORS ChangeLog NEWS README
%license COPYING HACKING.README
%dir %{_includedir}/%{name}
%{_includedir}/%{name}/*.h
%changelog
* Sun Apr 16 2023 daviddavid <daviddavid> 5.2.0-4.mga9
+ Revision: 1953381
- remove no more needed old pcre-devel build dependency
* Sat Mar 11 2023 daviddavid <daviddavid> 5.2.0-3.mga9
+ Revision: 1948607
- add pcre-devel to fix build
- add missing BRs
* Sun Apr 03 2022 umeabot <umeabot> 5.2.0-2.mga9
+ Revision: 1841417
- Mageia 9 Mass Rebuild
* Fri Sep 18 2020 daviddavid <daviddavid> 5.2.0-1.mga8
+ Revision: 1628576
- new version: 5.2.0
* Sun Feb 16 2020 umeabot <umeabot> 5.1.0-2.mga8
+ Revision: 1536663
- Mageia 8 Mass Rebuild
+ wally <wally>
- replace deprecated %%configure2_5x
* Sun Oct 20 2019 daviddavid <daviddavid> 5.1.0-1.mga8
+ Revision: 1454768
- new version: 5.1.0
* Sun Feb 24 2019 daviddavid <daviddavid> 5.0.0-1.mga7
+ Revision: 1369827
- new version: 5.0.0
* Sun Sep 23 2018 umeabot <umeabot> 4.1.1-2.mga7
+ Revision: 1300372
- Mageia 7 Mass Rebuild
* Sat Jan 13 2018 daviddavid <daviddavid> 4.1.1-1.mga7
+ Revision: 1192765
- new version: 4.1.1
* Sat Sep 23 2017 daviddavid <daviddavid> 4.0.0-1.mga7
+ Revision: 1157811
- new version: 4.0.0
- update Summary and description
* Sat Oct 15 2016 daviddavid <daviddavid> 3.1.0-1.mga6
+ Revision: 1060911
- new version: 3.1.0 (mga#19451)
- update BRs list
- fix some ownership dir
* Mon Jan 11 2016 luigiwalser <luigiwalser> 1.2.6-3.mga6
+ Revision: 921833
- rebuild for gnutls
+ tv <tv>
- rebuild for new libpreludedb
* Fri Sep 11 2015 fwang <fwang> 1.2.6-1.mga6
+ Revision: 876907
- mark doc file
- 1.2.6
* Wed Oct 15 2014 umeabot <umeabot> 1.0.2-7.mga5
+ Revision: 740585
- Second Mageia 5 Mass Rebuild
* Tue Sep 16 2014 umeabot <umeabot> 1.0.2-6.mga5
+ Revision: 687773
- Mageia 5 Mass Rebuild
* Sat Oct 19 2013 umeabot <umeabot> 1.0.2-5.mga4
+ Revision: 522667
- Mageia 4 Mass Rebuild
* Sun Mar 24 2013 colin <colin> 1.0.2-4.mga3
+ Revision: 404859
- Add systemd requires and general post/pre fixes (mga#9302)
* Sat Jan 19 2013 colin <colin> 1.0.2-3.mga3
+ Revision: 389820
- Use tmpfiles for runtime dir creation
+ cjw <cjw>
- fix build with automake 1.13
+ umeabot <umeabot>
- Mass Rebuild - https://wiki.mageia.org/en/Feature:Mageia3MassRebuild
+ fwang <fwang>
- fix build with latest automake
* Mon Sep 03 2012 fwang <fwang> 1.0.2-1.mga3
+ Revision: 287463
- fix build with glibc 2.16
- add prelude-manager.service
* Wed Sep 21 2011 fwang <fwang> 1.0.1-3.mga2
+ Revision: 146366
- drop .la files
- rebuild for new gnutls
* Sun Mar 06 2011 ennael <ennael> 1.0.1-1.mga1
+ Revision: 65653
- imported package prelude-manager
* Sat Nov 27 2010 Funda Wang <fwang@mandriva.org> 1.0.1-1mdv2011.0
+ Revision: 601782
- update to new version 1.0.1
* Sun Apr 25 2010 Funda Wang <fwang@mandriva.org> 1.0.0-1mdv2010.1
+ Revision: 538664
- New version 1.0.0
* Wed Mar 17 2010 Oden Eriksson <oeriksson@mandriva.com> 0.9.15-2mdv2010.1
+ Revision: 523722
- rebuilt for 2010.1
* Sat Jul 11 2009 Frederik Himpe <fhimpe@mandriva.org> 0.9.15-1mdv2010.0
+ Revision: 394824
- update to new version 0.9.15
* Sat May 30 2009 Funda Wang <fwang@mandriva.org> 0.9.14.2-2mdv2010.0
+ Revision: 381472
- use pkgconfig to detect gnutls
* Sat Aug 30 2008 Jérôme Soyer <saispo@mandriva.org> 0.9.14.2-1mdv2009.0
+ Revision: 277552
- New release
* Wed Aug 06 2008 Funda Wang <fwang@mandriva.org> 0.9.14.1-1mdv2009.0
+ Revision: 264154
- New version 0.9.14.1
* Fri Jul 18 2008 Funda Wang <fwang@mandriva.org> 0.9.14-1mdv2009.0
+ Revision: 238170
- add missing file
- New version 0.9.14
* Wed Jun 18 2008 Thierry Vignaud <tv@mandriva.org> 0.9.11-2mdv2009.0
+ Revision: 225059
- rebuild
+ Pixel <pixel@mandriva.com>
- adapt to %%_localstatedir now being /var instead of /var/lib (#22312)
* Tue Feb 05 2008 Funda Wang <fwang@mandriva.org> 0.9.11-1mdv2008.1
+ Revision: 162771
- New version 0.9.11
* Tue Jan 22 2008 Funda Wang <fwang@mandriva.org> 0.9.10-3mdv2008.1
+ Revision: 156064
- rebuild against latest gnutls
+ Olivier Blin <oblin@mandriva.com>
- restore BuildRoot
+ Thierry Vignaud <tv@mandriva.org>
- kill re-definition of %%buildroot on Pixel's request
* Tue Oct 30 2007 David Walluck <walluck@mandriva.org> 0.9.10-2mdv2008.1
+ Revision: 103867
- fix BuildRequires
+ Jérôme Soyer <saispo@mandriva.org>
- New release
* Sat Aug 04 2007 David Walluck <walluck@mandriva.org> 0.9.9-1mdv2008.0
+ Revision: 58857
- 0.9.9
* Sat Jun 23 2007 David Walluck <walluck@mandriva.org> 0.9.8-6mdv2008.0
+ Revision: 43507
- fix call to prelude-adduser
* Wed May 16 2007 David Walluck <walluck@mandriva.org> 0.9.8-5mdv2008.0
+ Revision: 27435
- create /var/spool/prelude-manager/scheduler
- fix prelude-manager location in prelude-manager.init
- fix prelude obsoletes version
- require on release
- devel package requires %%{name}-db-plugin and %%{name}-xml-plugin
- create %%{_sysconfdir}/prelude/profile/%%{name}
- run %%{_bindir}/prelude-adduser in %%post if necessary
* Wed May 16 2007 David Walluck <walluck@mandriva.org> 0.9.8-4mdv2008.0
+ Revision: 27271
- add requires on rpm-helper where needed
- give full path to prelude-adduser in README.urpmi
* Wed May 16 2007 David Walluck <walluck@mandriva.org> 0.9.8-3mdv2008.0
+ Revision: 27268
- fix spelling and LSB-compliance in prelude-manager.init
- add ghost prelude-xml.log
- set strict permissions in file list
- move prelude-manager to %%{_sbindir}
- don't run prelude-manager as root but as prelude-manager user
- update install notes in README.urpmi
* Wed May 02 2007 David Walluck <walluck@mandriva.org> 0.9.8-1mdv2008.0
+ Revision: 20614
- add new threshold filter
- 0.9.8
* Fri Mar 16 2007 David Walluck <walluck@mandriva.org> 0.9.7.2-1mdv2007.1
+ Revision: 145271
- 0.9.7.2
* Sun Jan 07 2007 David Walluck <walluck@mandriva.org> 0.9.7.1-1mdv2007.1
+ Revision: 105102
- 0.9.7.1
* Sun Oct 22 2006 David Walluck <walluck@mandriva.org> 0.9.6.1-4mdv2007.1
+ Revision: 71650
- update README.urpmi
- add database notes to README.urpmi
* Thu Oct 19 2006 David Walluck <walluck@mandriva.org> 0.9.6.1-2mdv2007.1
+ Revision: 71047
- fix build
- 0.9.6.1
- Import prelude-manager
* Fri Jun 16 2006 Oden Eriksson <oeriksson@mandriva.com> 0.9.5-1mdv2007.0
- 0.9.5 (Major bugfixes)
* Thu Mar 30 2006 Oden Eriksson <oeriksson@mandriva.com> 0.9.4.1-1mdk
- 0.9.4.1 (Major bugfixes)
* Sat Mar 18 2006 Oden Eriksson <oeriksson@mandriva.com> 0.9.4-1mdk
- 0.9.4 (Major bugfixes)
* Thu Feb 09 2006 Oden Eriksson <oeriksson@mandriva.com> 0.9.3-2mdk
- fix deps (#21080)
* Thu Feb 09 2006 Oden Eriksson <oeriksson@mandriva.com> 0.9.3-1mdk
- 0.9.3 (Major bugfixes)
* Tue Jan 31 2006 Oden Eriksson <oeriksson@mandriva.com> 0.9.2-1mdk
- 0.9.2 (Major bugfixes)
* Wed Jan 11 2006 Oden Eriksson <oeriksson@mandriva.com> 0.9.1-2mdk
- fix deps
* Tue Jan 10 2006 Oden Eriksson <oeriksson@mandriva.com> 0.9.1-1mdk
- 0.9.1
* Sun Nov 13 2005 Oden Eriksson <oeriksson@mandriva.com> 0.8.10-5mdk
- rebuilt against openssl-0.9.8a
* Sun Oct 30 2005 Oden Eriksson <oeriksson@mandriva.com> 0.8.10-4mdk
- rebuilt against MySQL-5.0.15
* Thu Apr 21 2005 Oden Eriksson <oeriksson@mandriva.com> 0.8.10-3mdk
- rebuilt against new postgresql libs
* Tue Jan 25 2005 Oden Eriksson <oeriksson@mandrakesoft.com> 0.8.10-2mdk
- rebuilt against MySQL-4.1.x and PostgreSQL-8.x system libs
- fix conflicting declaration with MySQL-4.1.x
- fix deps
* Tue Jul 27 2004 Per Ãyvind Karlsen <peroyvind@linux-mandrake.com> 0.8.10-1mdk
- 0.8.10
- add docs
- drop P0 & P1 (fixed upstream)
distrib
>
Mageia
>
9
>
armv7hl
>
media
>
core-release-src
>
by-pkgid
>
41bbecb6f44025cce3226745de4ec318
>
files
>
4
