raprelude is an argus client which logs argus network flows as IDMEF
alerts to a prelude-manager.

Required software:
  libprelude-0.9
  argus-clients-2.0.6

For information on argus see: http://www.qosient.com/argus/
The prelude ids frontend can be found on http://www.prelude-ids.org/
while further information can be obtained from https://trac.prelude-ids.org/

How to compile and install raprelude:

- untar the raprelude tar archive.
- change into the raprelude directory.
- ./apply.sh
  This script tries to find the files necessary for compiling raprelude.
  These are the following:
    - argus-clients-2.0.6 directory
    - lib directory where libprelude.so can be found
    - include directory with the header files of libprelude
    - lib directory where libgnutls.so can be found
  Afterwards the script modifies the patch file "raprelude.patch" and
  the patch is applied in the argus directory.
- change into the argus-clients-2.0.6 directory and run configure, make
  and make install.

On the first start of raprelude you have to couple the raprelude sensor
with your prelude manager. "raprelude" is the profile-name of the sensor.
In your prelude /etc directory you will find /etc/prelude/profile/raprelude.
Copy the provided file "class.conf" into this directory and modify it to
your own needs.

If you need help feel free to mail me at raprelude at intrusion-lab.net

Have fun and enjoy,
Olaf Gellert
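
A preflight check for the four items the install steps say apply.sh looks for, as an added example that is not part of raprelude and does not reproduce apply.sh's own logic. The function names, the search depth and the use of libprelude/prelude.h to identify the libprelude headers are assumptions.

```shell
#!/bin/sh
# Added example (not part of raprelude): report which of the four items
# named in the install steps can be found under the given search roots.

# find_first TEST PATTERN ROOT...: print the first match under any ROOT.
find_first() {
    test_op=$1; pattern=$2; shift 2
    for root in "$@"; do
        [ -d "$root" ] || continue
        hit=$(find "$root" -maxdepth 5 "$test_op" "$pattern" 2>/dev/null | head -n 1)
        if [ -n "$hit" ]; then
            printf '%s\n' "$hit"
            return 0
        fi
    done
    return 1
}

# check_raprelude_prereqs ROOT...: one line per item; returns the number missing.
check_raprelude_prereqs() {
    missing=0
    # Each spec is: label|find test|pattern
    # Assumption: prelude.h inside a libprelude/ directory marks the headers.
    for spec in \
        'argus client source tree|-name|argus-clients-2.0.6' \
        'libprelude library|-name|libprelude.so' \
        'libprelude headers|-path|*/libprelude/prelude.h' \
        'GnuTLS library|-name|libgnutls.so'
    do
        label=${spec%%|*}; rest=${spec#*|}
        test_op=${rest%%|*}; pattern=${rest#*|}
        if found=$(find_first "$test_op" "$pattern" "$@"); then
            printf 'ok       %-26s %s\n' "$label" "$found"
        else
            printf 'MISSING  %-26s\n' "$label"
            missing=$((missing + 1))
        fi
    done
    return "$missing"
}

# Runs only when search roots are given on the command line.
if [ "$#" -gt 0 ]; then check_raprelude_prereqs "$@"; fi
```

Pass the directories to search as arguments, for example the directory holding the argus source tree plus the prefix where libprelude and GnuTLS were installed.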