Hello,

I would like to add SNORT sensor to PRELUDE.
I have followed the procédure but it does not run.

SNORT is installed on a VM. SNORT works good.
PRELUDE (manager,LML and correlator) is installed on other VM. I have created a SNORT profile and register SNORT sensor. I have succeeded.

I have restarted all PRELUDE services (prelude-manager, prelude-lml, prelude-correlator, prewikka)
The SNORT sensor does not appears in agents list on PREWIKKA's web gui

Then, i have found many configuration on the web, like :
- Snort's compilation (./configure --enable-prelude --with-mysql) = configure: WARNING: unrecognized options: --enable-prelude, --with-mysql
- Adding a line in the file snort.conf (output alert_prelude: profile=snort) = ERROR: /etc/snort/snort.conf(527) Unknown output plugin: "alert_prelude"

Can you help me for configure the SNORT sensor with PRELUDE ?

I have probably the same problem with the OSSEC sensor...

Thank you in advance for your quality support

PS :
PRELUDE version : 3.1.0
PRELUDE DB : MYSQL
SNORT version : 2.9.8.3
Both is installed on CENT-OS 6.8