Prelude Library (http://www.prelude-ids.org) by Yoann Vandoorselaere Prelude Library Overview ======================== The Prelude Library is used to make sensor developers' life better by providing features used by every sensor: - Manager(s) Connection management (with fallback in case all configured Managers are down, and automatic reconnection). - Interface to communicate with the Prelude Manager. - Asynchronous Message interface (allowing sensor to emmit message without blocking, even if there is latency on the wire). - Asynchronous timer interface. - Generic configuration API, providing a generic abstraction for command-line, configuration file option, and wide option support. - Wide option managment allowing sensor-exported options to be directly accessible from the Manager administrative console. - Generic plugin API. Prelude Communication ===================== Prelude IDS uses unique optimized implementation of the XML based IDMEF message format to transmit alerts between the sensors and the manager and between managers. Using IDMEF, Prelude provides a generic method for virtually any type of sensors to describe precisely the content of an alert. Thanks to decoding plugins of the Manager side, a sensor can decide not to use the IDMEF facilities and send information using a customized protocol based on low-level Prelude Messaging API (note: It is then necessary to provide the correct decoding plugin on the Manager side). Note that the sensor can also use both methods. IRC === If there's something you just can't find out elsewhere, you want to give feedback directly to the authors or you're just bored, visit #prelude on irc.freenode.net Get Support =========== Prelude-user mailing list archives can be accessed at: http://listes.tuxfamily.org/?A=LIST&L=prelude-user_prelude-ids.org If you want to subscribe to the list, please send a mail to: prelude-user-subscribe@prelude-ids.org Help development ================ 1. SUBMITTING PATCHES The Prelude source is constantly changing. If you want to submit a patch, please do so from the most recent CVS source tree, subscribe to the prelude-devel mailing list by sending a mail to: prelude-devel-subscribe@prelude-ids.org and post your patch with a description of functionality. You can also attach patches to bugs on http://bugs.prelude-ids.org 2. BUGS If you find any bugs, please report them to: http://bugs.prelude-ids.org Please make sure that what you're reporting is actually a BUG and not a problem on your side. 3. SUGGESTIONS Subscribe to prelude-devel and give us your suggestions.