Installing Nepenthes

This section explains how to install Nepenthes, including Prelude support, from the tarball available from the main website. However, if your distribution ships Nepenthes as a package, installing it that way is easier.

Get the sources

Prelude support is included in the vanilla Nepenthes distribution.
Download Nepenthes from http://nepenthes.mwcollect.org/download

Then, compile and install Nepenthes using the following:

   $ ./configure --enable-prelude
   $ make
   # make install

Configuration

In order to enable Nepenthes to communicate with Prelude-Manager, activate the following section in $prefix/etc/nepenthes/nepenthes.conf:

    "logprelude.so",                "log-prelude.conf",             "" 

You can change the default analyzer-name and analyzer profile by editing $prefix/etc/nepenthes/log-prelude.conf.

Registering Nepenthes profile

You now need to create the Nepenthes profile with a command like:

    $ prelude-admin register nepenthes "idmef:w admin:r" <manager address> --uid X --gid X

and follow the instructions. If the registration is successful, you are ready to test your installation. Please check the Agents Registration Page for more details about sensor registration.

Running Nepenthes

Before running Nepenthes, please make sure to read the General Configuration Page. It is very important for the server-addr parameters to be set to the Prelude-Manager address.

 nepenthes

See the nepenthes manual pages and documentation for more options.