%global _empty_manifest_terminate_build 0
Name: python-prelude
Version: 5.1.1
Release: 1
Summary: Python bindings for the Prelude Library
License: GPL V2.1
URL: https://www.prelude-siem.org
Source0: https://mirrors.nju.edu.cn/pypi/web/packages/35/18/ebbdd6f4932f64d5a1c272d7c722227eeb9b49b0cfd3b441ebc28729041e/prelude-5.1.1-1.tar.gz
BuildArch: noarch
%description
Prelude is a Universal "Security Information & Event Management" (SIEM) system.
Prelude collects, normalizes, sorts, aggregates, correlates and reports all
security-related events independently of the product brand or license giving
rise to such events; Prelude is "agentless".
As well as being capable of recovering any type of log (system logs, syslog,
flat files, etc.), Prelude benefits from a native support with a number of
systems dedicated to enriching information even further (snort, samhain, ossec,
auditd, etc.).
Prelude standardizes all notable or suspicious events to the IDMEF
standard format (RFC 4765). With this format, events are enriched to facilitate
automation and correlation processes but also to provide as much information to
the operator (contextualization alerts) to allow it to respond quickly and
effectively.
Libprelude is a collection of generic functions providing communication between
all Sensors, like IDS (Intrusion Detection System), and the Prelude Manager. It
provides a convenient interface for sending and receiving IDMEF (Information
and Event Message Exchange Format) alerts to Prelude Manager with transparent
SSL, fail-over and replication support, asynchronous events and timer
interfaces, an abstracted configuration API (hooking at the command-line, the
configuration line, or wide configuration, available from the Manager), and a
generic plugin API. It allows you to easily turn your favorite security program
into a Prelude sensor.
%package -n python3-prelude
Summary: Python bindings for the Prelude Library
Provides: python-prelude
BuildRequires: python3-devel
BuildRequires: python3-setuptools
BuildRequires: python3-pip
%description -n python3-prelude
Prelude is a Universal "Security Information & Event Management" (SIEM) system.
Prelude collects, normalizes, sorts, aggregates, correlates and reports all
security-related events independently of the product brand or license giving
rise to such events; Prelude is "agentless".
As well as being capable of recovering any type of log (system logs, syslog,
flat files, etc.), Prelude benefits from a native support with a number of
systems dedicated to enriching information even further (snort, samhain, ossec,
auditd, etc.).
Prelude standardizes all notable or suspicious events to the IDMEF
standard format (RFC 4765). With this format, events are enriched to facilitate
automation and correlation processes but also to provide as much information to
the operator (contextualization alerts) to allow it to respond quickly and
effectively.
Libprelude is a collection of generic functions providing communication between
all Sensors, like IDS (Intrusion Detection System), and the Prelude Manager. It
provides a convenient interface for sending and receiving IDMEF (Information
and Event Message Exchange Format) alerts to Prelude Manager with transparent
SSL, fail-over and replication support, asynchronous events and timer
interfaces, an abstracted configuration API (hooking at the command-line, the
configuration line, or wide configuration, available from the Manager), and a
generic plugin API. It allows you to easily turn your favorite security program
into a Prelude sensor.
%package help
Summary: Development documents and examples for prelude
Provides: python3-prelude-doc
%description help
Prelude is a Universal "Security Information & Event Management" (SIEM) system.
Prelude collects, normalizes, sorts, aggregates, correlates and reports all
security-related events independently of the product brand or license giving
rise to such events; Prelude is "agentless".
As well as being capable of recovering any type of log (system logs, syslog,
flat files, etc.), Prelude benefits from a native support with a number of
systems dedicated to enriching information even further (snort, samhain, ossec,
auditd, etc.).
Prelude standardizes all notable or suspicious events to the IDMEF
standard format (RFC 4765). With this format, events are enriched to facilitate
automation and correlation processes but also to provide as much information to
the operator (contextualization alerts) to allow it to respond quickly and
effectively.
Libprelude is a collection of generic functions providing communication between
all Sensors, like IDS (Intrusion Detection System), and the Prelude Manager. It
provides a convenient interface for sending and receiving IDMEF (Information
and Event Message Exchange Format) alerts to Prelude Manager with transparent
SSL, fail-over and replication support, asynchronous events and timer
interfaces, an abstracted configuration API (hooking at the command-line, the
configuration line, or wide configuration, available from the Manager), and a
generic plugin API. It allows you to easily turn your favorite security program
into a Prelude sensor.
%prep
%autosetup -n prelude-5.1.1
%build
%py3_build
%install
%py3_install
install -d -m755 %{buildroot}/%{_pkgdocdir}
if [ -d doc ]; then cp -arf doc %{buildroot}/%{_pkgdocdir}; fi
if [ -d docs ]; then cp -arf docs %{buildroot}/%{_pkgdocdir}; fi
if [ -d example ]; then cp -arf example %{buildroot}/%{_pkgdocdir}; fi
if [ -d examples ]; then cp -arf examples %{buildroot}/%{_pkgdocdir}; fi
pushd %{buildroot}
if [ -d usr/lib ]; then
find usr/lib -type f -printf "/%h/%f\n" >> filelist.lst
fi
if [ -d usr/lib64 ]; then
find usr/lib64 -type f -printf "/%h/%f\n" >> filelist.lst
fi
if [ -d usr/bin ]; then
find usr/bin -type f -printf "/%h/%f\n" >> filelist.lst
fi
if [ -d usr/sbin ]; then
find usr/sbin -type f -printf "/%h/%f\n" >> filelist.lst
fi
touch doclist.lst
if [ -d usr/share/man ]; then
find usr/share/man -type f -printf "/%h/%f.gz\n" >> doclist.lst
fi
popd
mv %{buildroot}/filelist.lst .
mv %{buildroot}/doclist.lst .
%files -n python3-prelude -f filelist.lst
%dir %{python3_sitelib}/*
%files help -f doclist.lst
%{_docdir}/*
%changelog
* Fri Apr 21 2023 Python_Bot <Python_Bot@openeuler.org> - 5.1.1-1
- Package Spec generated