Provided by: prelude-manager_5.2.0-2build2_amd64

NAME

       prelude-manager - Collects and normalizes events.

SYNOPSIS

       prelude-manager [options]

DESCRIPTION

       Prelude Manager is a high-availability server which can collect, filter, relay, reverse-
       relay, normalize and store events. Events can come from registered analyzers and/or
       managers. The common usage is to store normalized events in a database, though this can
       be extended to store information in plain-text or XML files.

OPTIONS

       Some prelude-manager options are contextual: they have to be prefixed by another option.

       --prelude Prelude generic options

       --profile=<name> Profile to use for this analyzer

       --heartbeat-interval=<interval> Number of seconds between two heartbeats

       --server-addr=<address> Address where this sensor should report to (addr:port)

       --analyzer-name=<name> Name for this analyzer

       --db=<INAME>
            Options for the libpreludedb plugin

            -t, --type=<type> Type of database (mysql/pgsql/sqlite3)

            -l, --log=<file name> Log all queries to a file; should only be used for debugging
            purposes

            -h,  --host=<address>  The  host  where  the  database  server is running (in case of
            client/server database)

            -f, --file=<file name> The file where the database is stored (in case of  file  based
            database)

            -p,  --port=<port number> The port where the database server is listening (in case of
            client/server database)

            -d, --name=<name> The name of the database where the alerts will be stored

            -u, --user=<user> User of the database (in case of client/server database)

            -P, --pass=<password> Password for the user (in case of client/server database)

       --debug=<INAME>
            Option for the debug plugin

            -o, --object=<name> Name of IDMEF object to print (no object provided will print  the
            entire message)

            -l, --logfile=<file name> Specify output file to use (default to stdout)

       --relaying=<INAME>
            Relaying plugin option

            -p, --parent-managers=<address> List of manager address:port pairs to which messages
            should be sent

       --textmod=<INAME>
            Option for the textmod plugin

            -l, --logfile=<file name> Specify logfile to use

       --xmlmod=<INAME>
            Option for the xmlmod plugin

            -l, --logfile=<file name> Specify output file to use

            -v, --validate=<xml> Validate IDMEF XML output against DTD

            -f, --format=<format> Format XML output so that it is readable

            -d, --disable-buffering=<boolean> Disable output file buffering to prevent  truncated
            tags

       --idmef-criteria-filter=<INAME>
            Filter message based on IDMEF criteria

            -r, --rule=<rule> Filter rule, or filename containing rule

            --hook=<value> Where the filter should be hooked (reporting|reverse-relaying|plugin
            name)

       --config=<file name>
            Configuration file to use

       -v, --version
            Print version number

       -D, --debug-level=<level>
            Run in debug mode

       -d, --daemon
            Run in daemon mode

       -P, --pidfile=<file name>
            Write Prelude PID to pidfile

       -c, --child-managers=<address>
            List of manager address:port pairs from which messages should be gathered

       -l, --listen=<address>
            Address the sensors server should listen on (addr:port)

       -f, --failover=<boolean>
            Enable failover for specified report plugin

       -h, --help
            Print help
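
       The same short letter means different things depending on the context option in front
       of it (-P is --pidfile at top level but --pass under --db), which matters when auditing
       how a manager was started. The Python below is an added example, not part of Prelude: it
       flags a database password given on the command line and database query logging. The
       scoping rule (an option belongs to the nearest preceding context option) and all
       function names are assumptions.

```python
# Added example: not part of prelude-manager. Option names come from the man page.
# Short options the page lists under --db; at top level the same letters mean
# something else (-P is --pidfile, -l is --listen, -h is --help).
DB_SHORT = {"-t": "type", "-l": "log", "-h": "host", "-f": "file",
            "-p": "port", "-d": "name", "-u": "user", "-P": "pass"}
DB_LONG = {"--" + long_name for long_name in DB_SHORT.values()}
# Options that open a context for the options that follow them.
CONTEXTS = {"--prelude", "--db", "--debug", "--relaying", "--textmod",
            "--xmlmod", "--idmef-criteria-filter"}

PASS_ON_CMDLINE = "db password passed in process arguments"
QUERY_LOG_ON = "db query logging enabled (page: debugging only)"


def audit_argv(argv):
    """Return findings for one prelude-manager argument vector.

    Assumption: an option belongs to the nearest context option before it.
    """
    findings, context = [], None
    for arg in argv:
        # "--pass=x" -> "--pass"; "-Px" or "-P" -> "-P"
        name = arg.split("=", 1)[0] if arg.startswith("--") else arg[:2]
        if name in CONTEXTS:
            context = name
            continue
        if context != "--db":
            continue
        key = DB_SHORT.get(name) or (name[2:] if name in DB_LONG else None)
        if key == "pass":
            findings.append(PASS_ON_CMDLINE)  # never echo the value itself
        elif key == "log":
            findings.append(QUERY_LOG_ON)
    return findings


def argv_of(pid):
    """Read a live process's arguments from /proc (Linux only)."""
    with open(f"/proc/{pid}/cmdline", "rb") as fh:
        return [a.decode(errors="replace") for a in fh.read().split(b"\0") if a]


# Constructed sample: the first -P is the pidfile, the second is the db password.
SAMPLE = ["prelude-manager", "-P", "/run/pm.pid", "--db=default",
          "--type=pgsql", "-u", "prelude", "-P", "example-secret",
          "--xmlmod=out", "-l", "/var/log/idmef.xml"]

if __name__ == "__main__":
    print(audit_argv(SAMPLE))
```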

FILES

       /etc/prelude/prelude-manager.conf - the configuration file

BUGS

       This man page hasn't been proofread yet.

SEE ALSO

       prelude-adduser(1)

                                                                               prelude-manager(1)