This is the command prelude-manager that can be run in the OnWorks free hosting provider using one of our multiple free online workstations such as Ubuntu Online, Fedora Online, Windows online emulator or MAC OS online emulator
PROGRAM:
NAME
prelude-manager - Collects and normalize events.
SYNOPSIS
prelude-manager [options]
DESCRIPTION
Prelude Manager is a high-availability server which can collect, filter, relay, reverse-
relay, normalize and store events. Events can come from registered analyzers and/or
managers. The common usage is to store nomalized events into a database, thus this can be
extended to store informations in plain text or xml files.
OPTIONS
Some prelude-manager option are contextual, they have to be prefixed by another.
--prelude Prelude generic options
--profile=<name> Profile to use for this analyzer
--heartbeat-interval=<interval> Number of seconds between two heartbeat
--server-addr=<address> Address where this sensor should report to (addr:port)
--analyzer-name=<name> Name for this analyzer
--db=<INAME>
Options for the libpreludedb plugin
-t, --type=<type> Type of database (mysql/pgsql/sqlite3)
-l, --log=<file name> Log all queries in a file, should be only used for debugging
purpose
-h, --host=<address> The host where the database server is running (in case of
client/server database)
-f, --file=<file name> The file where the database is stored (in case of file based
database)
-p, --port=<port number> The port where the database server is listening (in case of
client/server database)
-d, --name=<name> The name of the database where the alerts will be stored
-u, --user=<user> User of the database (in case of client/server database)
-P, --pass=<password> Password for the user (in case of client/server database)
--debug=<INAME>
Option for the debug plugin
-o, --object=<name> Name of IDMEF object to print (no object provided will print the
entire message)
-l, --logfile=<file name> Specify output file to use (default to stdout)
--relaying=<INAME>
Relaying plugin option
-p, --parent-managers=<address> List of managers address:port pair where messages
should be sent to
--textmod=<INAME>
Option for the textmod plugin
-l, --logfile=<file name> Specify logfile to use
--xmlmod=<INAME>
Option for the xmlmod plugin
-l, --logfile=<file name> Specify output file to use
-v, --validate=<xml> Validate IDMEF XML output against DTD
-f, --format=<format> Format XML output so that it is readable
-d, --disable-buffering=<boolean> Disable output file buffering to prevent truncated
tags
--idmef-criteria-filter=<INAME> Filter message based on IDMEF criteria
-r, --rule=<rule> Filter rule, or filename containing rule
--hook=<value> Where the filter should be hooked (reporting|reverse-relaying|plugin
name)
--config=<file name>
Configuration file to use
-v, --version
Print version number
-D, --debug-level=<level>
Run in debug mode
-d, --daemon
Run in daemon mode
-P, --pidfile=<file name>
Write Prelude PID to pidfile
-c, --child-managers=<address>
List of managers address:port pair where messages should be gathered from
-l, --listen=<address>
Address the sensors server should listen on (addr:port)
-f, --failover=<boolean>
Enable failover for specified report plugin
-h, --help
Print help
Use prelude-manager online using onworks.net services
