Projects / libprelude


The Prelude Library (libprelude) is the glue that binds all aspects of Prelude together. Prelude is a hybrid Intrusion Detection framework implementing an open communication layer for use by any security application. libprelude is a library that enables Prelude components to communicate with the Prelude concentrator. It also makes it easy for third party software to be made 'Prelude Aware' (able to communicate with Prelude components). It provides common, useful features used by every sensor.

Operating Systems

Recent releases

  •  19 Sep 2008 17:37

    Release Notes: This release compiles and runs natively under Win32. A file descriptor closure problem after daemonizing (#311) has been fixed. New API functions allow you to specify the libprelude working prefix, which can also be set using the LIBPRELUDE_PREFIX environment variable (#255). libprelude is now relocatable (use the --enable-relocatable configure option). There are libgcrypt initialization fixes. This release has a complete Win32 glthread backend. There are various bugfixes.

    •  03 Sep 2008 17:50

      Release Notes: Multithreading API independence: support for POSIX, Solaris, pth, and Win32 backends. Automatic node name and address detection. When casting an IDMEF value fails, the unmodified IDMEF value is returned. Non-working uint32 and uint64 to time cast is fixed. A possible double free when casting an IDMEF value is fixed. Unit tests are included. The C++ headers installation path is fixed. A Perl EasyBindings IDMEF->Read() method infinite loop is fixed. A new IDMEF value is handled as a new IDMEF object: the old value is returned if one already exists.

      •  05 Aug 2008 16:20

        Release Notes: EasyBindings have been included. EasyBindings provide simple C++, Python, Perl, Ruby, and Lua bindings for using libprelude. A C API helper was added. A 0.9.18 regression (an alert created with empty CreateTime) was fixed. Reference counting was implemented for the idmef-criteria and prelude-connection API. Automatic casting is done when setting an IDMEF Value to a field that is of different type; until now, if a user tried to set a path of a specific type with an idmef_value_t object containing another type, idmef_path_set() would return an error. Various bugs were fixed.

        •  18 Jul 2008 17:22

          Release Notes: This release supports TLS settings specification through the "tls-options" configuration entry. It works around a rare compression protocol negotiation problem. Variable substitution in Prelude configuration files is implemented. IDMEF criteria with multiples values for a single path are allowed (eg: alert.classification.text = (A || B || C || D). Negation of whole idmef-criteria has been implemented. A possible IDMEFCriteria match problem has been fixed. An API consistency issue that could lead to unexpected behavior has been fixed. There are various other bugfixes.

          •  24 Apr 2008 13:00

            Release Notes: Use RFC 4122 UUIDv1 for unique identifier generation. IDMEF Path API improvement, allowing to destroy value within an IDMEF message, and unified memory handling. Build system cleanup, enable RELRO when possible. Implement an AUTOCONFIG flag, that applications can unset in order for their client not to read the default profile/global configuration. Fix possible assertion when destroying un-started prelude-client. Improvement to the prelude-io API. Headers fixes for C++ build. Fix printing and cloning of empty IDMEF string. Bindings fixes for optional integer retrieval. Various bug fixes.


            Project Spotlight


            A Fluent OpenStack client API for Java.


            Project Spotlight

            TurnKey TWiki Appliance

            A TWiki appliance that is easy to use and lightweight.