authorThomas Andrejak <thomas.andrejak@gmail.com>2016-07-17 15:14:12 +0200
committerGöktürk Yüksek <gokturk@gentoo.org>2016-08-04 21:10:12 -0400
commit241b67a4b002630e65fad02cae4503d4029a2162 (patch)
tree027e452ea60d2892c85e5d633835a74ac8eeb8ca /net-analyzer
parentnet-analyzer/prelude-lml-rules: New package (diff)
net-analyzer/prelude-correlator: New package
Prelude-Correlator allows conducting multi-stream correlations thanks to a powerful programming language for writing correlation rules.
Diffstat (limited to 'net-analyzer')
-rw-r--r--net-analyzer/prelude-correlator/Manifest1
-rwxr-xr-xnet-analyzer/prelude-correlator/files/prelude-correlator.initd27
-rw-r--r--net-analyzer/prelude-correlator/files/prelude-correlator.run4
-rw-r--r--net-analyzer/prelude-correlator/files/prelude-correlator.service13
-rw-r--r--net-analyzer/prelude-correlator/metadata.xml21
-rw-r--r--net-analyzer/prelude-correlator/prelude-correlator-3.0.1.ebuild31
6 files changed, 97 insertions, 0 deletions
diff --git a/net-analyzer/prelude-correlator/Manifest b/net-analyzer/prelude-correlator/Manifest
new file mode 100644
index 000000000000..63e53ea90b0d
--- /dev/null
+++ b/net-analyzer/prelude-correlator/Manifest
@@ -0,0 +1 @@
+DIST prelude-correlator-3.0.1.tar.gz 181019 SHA256 8e19a2c90dfe0a5715062c3f0e3399439a7ba914e1c19e3b3fd24a69f4a98fac SHA512 2aa159251cf7f9fead117737f67cc01e7cb2012c4fd9db77454c7d639cf477888d5ea6476661bf501c2da7aaef58ea7101b7780669f025af1480acd9480ce8d3 WHIRLPOOL b7538e1e6e4f7504c4dbb0044e74c667d8edd49f4b8a52f03eb7620b3213e9de44a6b5beef02316c7c722989286c8f7fc1204822bcdbb3f320ee30aaacd60aa7
diff --git a/net-analyzer/prelude-correlator/files/prelude-correlator.initd b/net-analyzer/prelude-correlator/files/prelude-correlator.initd
new file mode 100755
index 000000000000..26e18d5c72c5
--- /dev/null
+++ b/net-analyzer/prelude-correlator/files/prelude-correlator.initd
@@ -0,0 +1,27 @@
+#!/sbin/runscript
+# Copyright 1999-2016 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Id$
+
+BIN_CORRELATOR=/usr/bin/prelude-correlator
+PID_CORRELATOR=/run/prelude-correlator/prelude-correlator.pid
+
+depend() {
+ need net
+ after prelude-manager
+}
+
+start() {
+ ebegin "Starting prelude-correlator"
+ checkpath -d -m 0755 -o root:root /run/prelude-correlator
+ start-stop-daemon --start --exec $BIN_CORRELATOR \
+ --pidfile $PID_CORRELATOR -- -d -P $PID_CORRELATOR
+ eend $?
+}
+
+stop() {
+ ebegin "Stopping prelude-correlator"
+ start-stop-daemon --stop --exec $BIN_CORRELATOR \
+ --pidfile $PID_CORRELATOR
+ eend $?
+}
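Review bot: The daemon is started as root in start(): the `start-stop-daemon --start` call passes no `--user`, and `checkpath -o root:root` creates /run/prelude-correlator root-owned, so the correlation engine processes manager-fed events with full privileges. If upstream supports running under an unprivileged account, add `--user` to the start-stop-daemon call and give the run directory a matching `-o`; the systemd unit in this commit has the same gap (no `User=`). Separately, `#!/sbin/runscript` on the first line is the legacy interpreter name; current OpenRC expects `#!/sbin/openrc-run`. The unquoted `$BIN_CORRELATOR`/`$PID_CORRELATOR` expansions are harmless here because both values are fixed paths, but quoting them would match the ebuild's style.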
diff --git a/net-analyzer/prelude-correlator/files/prelude-correlator.run b/net-analyzer/prelude-correlator/files/prelude-correlator.run
new file mode 100644
index 000000000000..8bec03f78704
--- /dev/null
+++ b/net-analyzer/prelude-correlator/files/prelude-correlator.run
@@ -0,0 +1,4 @@
+# Configuration to create /run/prelude-correlator directory
+# Used as part of systemd's tmpfiles
+
+d /run/prelude-correlator 0755 root root
diff --git a/net-analyzer/prelude-correlator/files/prelude-correlator.service b/net-analyzer/prelude-correlator/files/prelude-correlator.service
new file mode 100644
index 000000000000..7b763c30c13a
--- /dev/null
+++ b/net-analyzer/prelude-correlator/files/prelude-correlator.service
@@ -0,0 +1,13 @@
+[Unit]
+Description=Prelude-Correlator service
+DefaultDependencies=no
+After=remote_fs.target prelude-manager.service
+
+[Service]
+ExecStart=/usr/bin/prelude-correlator -d -P /run/prelude-correlator/prelude-correlator.pid
+Type=forking
+PIDFile=/run/prelude-correlator/prelude-correlator.pid
+Restart=always
+
+[Install]
+WantedBy=multi-user.target
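Review bot: `DefaultDependencies=no` in [Unit] removes the implicit `After=sysinit.target` and `Conflicts=shutdown.target`, so the unit is neither ordered after basic system setup nor stopped on shutdown; nothing in the unit needs early-boot placement, and the OpenRC script in this commit uses a plain `need net`, so the equivalent here is to drop that line and use `After=network.target prelude-manager.service`. The [Service] section also runs the daemon as root with no `User=` or sandboxing directives; if upstream supports an unprivileged user, setting `User=` (with a matching owner in the tmpfiles entry) is the usual hardening. `RuntimeDirectory=prelude-correlator` would let systemd create /run/prelude-correlator itself, making the separate tmpfiles snippet unnecessary on systemd hosts.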
diff --git a/net-analyzer/prelude-correlator/metadata.xml b/net-analyzer/prelude-correlator/metadata.xml
new file mode 100644
index 000000000000..fa977ec21f47
--- /dev/null
+++ b/net-analyzer/prelude-correlator/metadata.xml
@@ -0,0 +1,21 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd">
+<pkgmetadata>
+ <maintainer type="person">
+ <email>thomas.andrejak@gmail.com</email>
+ <name>Thomas Andrejak</name>
+ </maintainer>
+ <maintainer type="project">
+ <email>proxy-maint@gentoo.org</email>
+ <name>Proxy Maintainers</name>
+ </maintainer>
+ <longdescription lang="en">
+ Prelude-Correlator allows conducting multi-stream correlations
+ thanks to a powerful programming language for writing correlation
+ rules. With any type of alert able to be correlated, event
+ analysis becomes simpler, quicker and more incisive. This
+ correlation alert then appears within the Prewikka interface
+ and indicates the potential target information via the set of
+ correlation rules.
+ </longdescription>
+</pkgmetadata>
diff --git a/net-analyzer/prelude-correlator/prelude-correlator-3.0.1.ebuild b/net-analyzer/prelude-correlator/prelude-correlator-3.0.1.ebuild
new file mode 100644
index 000000000000..59a034145e7e
--- /dev/null
+++ b/net-analyzer/prelude-correlator/prelude-correlator-3.0.1.ebuild
@@ -0,0 +1,31 @@
+# Copyright 1999-2016 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Id$
+
+EAPI=6
+
+PYTHON_COMPAT=( python2_7 )
+
+inherit systemd distutils-r1
+
+DESCRIPTION="Real time correlator of events received by Prelude Manager"
+HOMEPAGE="https://www.prelude-siem.org"
+SRC_URI="https://www.prelude-siem.org/pkg/src/3.0.0/${P}.tar.gz"
+
+LICENSE="GPL-2+"
+SLOT="0"
+KEYWORDS="~amd64 ~x86"
+
+DEPEND="dev-python/setuptools"
+
+RDEPEND="dev-python/netaddr[${PYTHON_USEDEP}]
+ dev-libs/libprelude[${PYTHON_USEDEP}]"
+
+src_install() {
+ distutils-r1_src_install
+
+ systemd_dounit "${FILESDIR}/${PN}.service"
+ systemd_newtmpfilesd "${FILESDIR}/${PN}.run" "${PN}.conf"
+
+ newinitd "${FILESDIR}/${PN}.initd" "${PN}"
+}
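Review bot: `DEPEND="dev-python/setuptools"` lacks the Python implementation USE dependency that both RDEPEND entries carry, so setuptools may be installed for a different implementation than the one distutils-r1 builds with; it should read `DEPEND="dev-python/setuptools[${PYTHON_USEDEP}]"`. SRC_URI points at a `3.0.0` directory while the package is 3.0.1; if that is how upstream lays out its download area, a comment saying so would keep the next version bump from "fixing" it, otherwise the path component should be `${PV}`. Since both the OpenRC script and the systemd unit installed here start the daemon as root, the ebuild would also be the place to create a dedicated service account, if upstream supports running unprivileged.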