-
Notifications
You must be signed in to change notification settings - Fork 0
License
GPL-2.0, Unknown licenses found
Licenses found
GPL-2.0
COPYING
Unknown
LICENSE.README
requiem-forasiem/librequiem
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Folders and files
| Name | Name | Last commit message | Last commit date | |
|---|---|---|---|---|
Repository files navigation
Requiem Library (http://requiem-forasiem.github.com/requiem/) Requiem Library Overview ======================== The Requiem Library is used to make sensor developers' life better by providing features used by every sensor: - Manager(s) Connection management (with fallback in case all configured Managers are down, and automatic reconnection). - Interface to communicate with the Requiem Manager. - Asynchronous Message interface (allowing sensor to emmit message without blocking, even if there is latency on the wire). - Asynchronous timer interface. - Generic configuration API, providing a generic abstraction for command-line, configuration file option, and wide option support. - Wide option managment allowing sensor-exported options to be directly accessible from the Manager administrative console. - Generic plugin API. Requiem.Communication ===================== Requiem IDS uses unique optimized implementation of the XML based IDMEF message format to transmit alerts between the sensors and the manager and between managers. Using IDMEF, Requiem provides a generic method for virtually any type of sensors to describe precisely the content of an alert. IRC === If there's something you just can't find out elsewhere, you want to give feedback directly to the authors or you're just bored, visit #requiem on irc.freenode.net Get Support =========== Requiem-user mailing list archives can be accessed at: https://groups.google.com/forum/#!forum/requiem-forasiem How to install the Requiem Library ================================== 1. Requiem Library installation If you want to build Requiem, unpack the tarball and cd into the newly created directory. Then type : ./configure make If everything works, su to root and type: make install 2. Generic sensor installation First, all sensors get some generic configuration files, installed in: - $prefix/etc/requiem/default/idmef-client.conf [specific to sensor] - $prefix/etc/requiem/default/global.conf [used by sensor and manager] Theses file contains entry that *may* be shared between several sensor. If a sensor provides the same entry in it's own configuration file, then the sensor will by default use it's own entry. Example of a shared entry (in the default provided generic sensor configuration file) is : server-addr = 127.0.0.1:4690 || x.x.x.x; Which tells the sensor to try to connect to both 127.0.0.1:4690 and x.x.x.x:4690. If both connections work, only the first will be used, but the contrary would happen if you were to use : server-addr = 127.0.0.1:4690 && x.x.x.x; Which mean that both connections should be okay for a sensor message to be considered to be successfully sent. When linked against the Requiem Library, the sensors should be registered in order to setup the sensor for the first time. If you start a sensor without registering it, it'll print out a message like : " Basic file configuration does not exist. Please run : requiem-adduser register requiem-lml "idmef:w admin:r" <manager address> program on the analyzer host to setup this analyzer. " Starting this program with the sensor provided arguments will start the registration procedure for this sensor. The requiem-adduser program will ask you to start the requiem-adduser program on the Manager host: " You now need to start "requiem-adduser" on the server host where you need to register to: use: "requiem-admin registration-server <analyzer-name>" " "analyzer-name" should be substituted by the name of your Manager (requiem-manager is the default, unless you provided a customized analyzer-name option on the requiem-manager command line, or in it's configuration file). The manager host requiem-adduser program will provide you a randomly generated password to be used when sensor side requiem-adduser request it. The requiem-adduser program will then ask you several question, and it will connect to the manager-adduser program. If authentication is okay, the sensors and the Manager will be able to exchange their certificates.
About
No description, website, or topics provided.
Resources
License
GPL-2.0, Unknown licenses found
Licenses found
GPL-2.0
COPYING
Unknown
LICENSE.README
Stars
Watchers
Forks
Releases
No releases published
Packages 0
No packages published