Back to 3rd Party Agents Installation
Installing SanCP¶
This section explains how to install SanCP, including Prelude support, from the tarball available from the main website. However, SanCP might be included with your distribution as a package and it would be easier to install it this way.
Get the sources¶
Prelude support is included in the SanCP since release 1.6.2 rc5. Download SanCP 1.6.5rc5 at http://metre.net/files/sancp-1.6.2-candidate.C.5.tar.gz
Then, edit the Makefile and remove comments in front of:
#PRELUDE-CFLAGS=@libprelude-config --cflags@ #PRELUDE-LIBS=@libprelude-config --libs@ #PRELUDE-SUPPORT=1
Then, compile (here on Linux) SanCP using the following:
$ make linux
Configuration¶
No configuration is required.
Registering SanCP profile¶
You now you need to create SanCP profile with a command like:
prelude-adduser register Sancp "idmef:w" localhost --uid 0 --gid 0
and follow the instructions. If the registration is successful - you are ready to test your installation. Please check the Agents Registration Page for more details about sensors registration.
Running SanCP¶
Before running SanCP, please make sure to read the General Configuration Page. It is very important for the server-addr parameters to be set to the Prelude-Manager address.
sancp -i eth0
See the SanCP manual pages and documentation included with sources for more options.