Python bindings for the Prelude Library

Project description

Prelude is a Universal “Security Information & Event Management” (SIEM) system. Prelude collects, normalizes, sorts, aggregates, correlates and reports all security-related events independently of the product brand or license giving rise to such events; Prelude is “agentless”.

As well as being capable of recovering any type of log (system logs, syslog, flat files, etc.), Prelude benefits from native support for a number of systems dedicated to enriching information even further (snort, samhain, ossec, auditd, etc.).

Prelude standardizes all notable or suspicious events to the IDMEF standard format (RFC 4765). With this format, events are enriched to facilitate automation and correlation processes, and also to give the operator as much information as possible (alert contextualization) so that they can respond quickly and effectively.

Libprelude is a collection of generic functions providing communication between all Sensors, like IDS (Intrusion Detection System), and the Prelude Manager. It provides a convenient interface for sending and receiving IDMEF (Information and Event Message Exchange Format) alerts to Prelude Manager with transparent SSL, fail-over and replication support, asynchronous events and timer interfaces, an abstracted configuration API (hooking at the command-line, the configuration line, or wide configuration, available from the Manager), and a generic plugin API. It allows you to easily turn your favorite security program into a Prelude sensor.

Installing

Install requirements to build the C part:

yum group install "Development Tools"

yum install python-devel

Install and update using pip:

pip install -U prelude

A Simple Example

import prelude

if __name__ == '__main__':
    idmef = prelude.IDMEF()
    idmef.set("alert.classification.text", "Hello world!")
    print(idmef)
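
A fuller version of the example above, added here and not part of the Prelude project's own code: it normalizes a constructed sshd log line into IDMEF path/value pairs and, when the bindings are installed, loads them through the same prelude.IDMEF().set() call. The log line, the normalize and to_idmef helpers and the severity mapping are assumptions made for illustration.

```python
import re

# Constructed sample line in OpenSSH syslog style (not taken from a real host).
SAMPLE = ("Jan 12 03:14:07 web01 sshd[2211]: Failed password for invalid user "
          "admin from 203.0.113.7 port 51122 ssh2")

SSH_FAIL = re.compile(
    r"(?P<host>\S+) sshd\[\d+\]: Failed password for (?P<invalid>invalid user )?"
    r"(?P<user>\S+) from (?P<src>\S+) port (?P<sport>\d+)")


def normalize(line):
    """Map one sshd failure line to IDMEF (path, value) pairs, or None if no match."""
    m = SSH_FAIL.search(line)
    if m is None:
        return None
    # Assumed policy: guessing at non-existent accounts is rated above a plain failure.
    severity = "medium" if m.group("invalid") else "low"
    return [
        ("alert.classification.text", "SSH login failed"),
        ("alert.assessment.impact.severity", severity),
        ("alert.assessment.impact.completion", "failed"),
        ("alert.source(0).node.address(0).address", m.group("src")),
        ("alert.source(0).service.port", int(m.group("sport"))),
        ("alert.target(0).node.name", m.group("host")),
        ("alert.target(0).service.name", "ssh"),
        ("alert.target(0).user.user_id(0).name", m.group("user")),
    ]


def to_idmef(pairs):
    """Build a prelude.IDMEF object from the pairs; needs the prelude bindings."""
    import prelude
    idmef = prelude.IDMEF()
    for path, value in pairs:
        idmef.set(path, value)
    return idmef


if __name__ == "__main__":
    pairs = normalize(SAMPLE)
    try:
        print(to_idmef(pairs))
    except ImportError:  # bindings not installed: show the normalized fields instead
        for path, value in pairs:
            print("%s = %s" % (path, value))
```

Keeping the normalization step separate from the IDMEF object means the field mapping can be unit-tested on hosts where libprelude is not built.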

Download files

Source Distribution

prelude-5.1.1-1.tar.gz (81.3 kB view details)

Uploaded Source

File details

Details for the file prelude-5.1.1-1.tar.gz.

File metadata

  • Download URL: prelude-5.1.1-1.tar.gz
  • Upload date:
  • Size: 81.3 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/1.7.4 pkginfo/1.3.2 requests/2.19.1 setuptools/0.9.8 requests-toolbelt/0.8.0 clint/0.5.1 CPython/2.7.5 Linux/3.10.0-1062.9.1.el7.x86_64

File hashes

Hashes for prelude-5.1.1-1.tar.gz
Algorithm Hash digest
SHA256 6cfba7026c232827396b9fd550181f1bc5c8f5fbb41b37b02592c55117c623e4
MD5 2fbc58250809c1741a62a833b13cbaf9
BLAKE2b-256 3518ebbdd6f4932f64d5a1c272d7c722227eeb9b49b0cfd3b441ebc28729041e
