Prelude Compatibility
Prelude is a SEM system capable of interoperating with all the systems available on the market.
Prelude provides a C, C++, Python, Ruby, Lua and Perl framework so that you can convert existing security applications to use the Prelude system (Native Compatibility). It also provides its own sensors, such as the Prelude-LML log analyzer (Log Compatibility) and the Prelude-Import data importer, which is a commercial module. A Prelude sensor is a program that is able to use the Prelude framework.
Native Compatibility
The native compatibility existing between Prelude and certain security solutions improves the quality of the data collection and configuration possibilities.
AuditD | The Linux Audit Daemon
Nepenthes | A versatile tool to collect malware
ufwi-filterd | An identity access management solution at the network level
OSSEC | An Open Source Host-based Intrusion Detection System
Pam | Linux Pluggable Authentication Modules
Samhain | A file integrity checker
Sancp | A network traffic statistical information collector
Snort | The De Facto Standard Open Source IDS
Suricata (new) | Maybe the future De Facto Standard Open Source IDS
Learn more about the Prelude native sensors and install them from the 3rd Party Agent Installation Page.
Log Compatibility
Prelude depends on no single brand or format and is capable of analyzing any type of log (system logs, syslog, flat files, etc.).
Examples of supported logs:
Firewall, Routers & VPN | BIG-IP, Check Point, CISCO ASA, CISCO IOS, CISCO Router, CISCO VPN, D-Link, Ipchains, IpFw, Juniper Networks NetScreen, Linksys WAP11, ModSecurity v2, Netfilter, SonicGuard SonicWall, Symantec, xg45-datapower
Switches | CISCO CSS
IDS | CISCO IPS, Portsentry, Shadow, Tripwire
Monitoring | APC-EMU, ArpWatch, Dell OpenManage, Nagios
AntiVirus/AntiSpam | ClamAV, P3Scan, SpamAssassin, Navce
Database | Microsoft SQL Server, Oracle
SMTP/POP Server | Exim, Postfix, Qpopper, Sendmail, Vpopmail
FTP Server | ProFTPD, WU-FTPD
Web Server | Apache
Vulnerability Scanner | Nessus
Honeypots | Honeyd, Honeytrap, Kojoney
Authentication | OpenSSH, Su, Radius
Applications | Asterisk, Cacti, Libsafe, Shadow Utils, Squid, Sudo, Cisco ACE, Pam, Pcanywhere
OS (security tools) | GrSecurity, PaX, SELinux
Miscellaneous | Unix specific logs, Webmin, Windows Server, Arbor, Linux bonding, Microsoft Cluster Service, NetApp ONTAP, NTSyslog, OpenHostAPD, Rishi, Suhosin, Vigor