Beltane is a web-based central management console for the Samhain file integrity / intrusion detection system. It enables the administrator to browse client messages, acknowledge them, and update centrally stored file signature databases. As the Samhain daemon keeps a memory of file changes, the file signature database need only be up to date when the daemon restarts and downloads the database from the central server. Beltane allows you to use the information logged by the client in order to update the signature database.
Features of Beltane
· Major performance and scalability improvements for reduced memory consumption, faster baseline database updates, and faster reload of the client panel
· Support for Oracle database (Beltane version 2.1.1 and above)
· Client Status Display (running/dead/unknown)
· Bulk Update from user-defined criteria like: the hostname, a list of files (with or without checksums), or a time window
· On-the-fly Sorting of the message list
· Message Filtering with POSIX regular expressions
· GnuPG Signing of client file signature databases after an update
· Search function for the database.
· Editing of client configurations
· Client Configuration Reload can be triggered
· Multiple Users with logging of login/logouts
· Server Messages can be viewed optionally