IDS mailing list archives

Re: Prelude IDS


From: Daniel Polombo <polombo () cartel-securite fr>
Date: 07 Nov 2002 10:03:34 +0100

On Wed 06/11/2002 at 07:01, Kavitha Srinivasan wrote:
> Does anyone who has used prelude IDS know in which file the IDMEF messages
> are logged for the alerts detected in the absence of frontend and database?

In the prelude-manager.conf file, you should have a 'logfile =' entry.
For instance, mine reads:

  logfile = /var/log/prelude.log;

However, the alerts are not logged as IDMEF messages, just plain text,
(almost) human-readable format.

--
Daniel

