Prelude-Manager is a high-availability server that collects and normalizes information from distributed Prelude-IDS sensors and stores it in a database (or any kind of user-provided media). It is part of Prelude, a hybrid Intrusion Detection framework implementing an open communication layer for use by any security application. Prelude-Manager also provides the ability to relay received events to one or several other prelude-manager servers and allows users to filter received events so they can define specific actions for specific events. Support for filtering plugins allows users to hook into different places in the Manager to define custom criteria for alert relaying and logging.
License: GNU General Public License (GPL)
Changes:
Thread safety when evicting events to disk was improved. The IDMEF message version tag, which will be used in upcoming libprelude versions, is now handled. Support was added for the newer GnuTLS 2.2.0 session priority functions: when the option is available, the user can specify TLS settings through the "tls-options" configuration entry. A possible crash upon destruction of a given client disk pool was fixed. Value verification for the scheduler options was corrected.