Choose your version

 

Prelude OSS and Prelude SIEM share the same core, built around the IDMEF standard format, and the two solutions are compatible with each other. However, Prelude OSS remains a limited version and is not recommended for deployment in critical environments. It can be used on small infrastructures, for research purposes, for learning the IDMEF standard format or the basics of correlation, or for a first evaluation of Prelude. For that purpose, however, we recommend that you request a complete evaluation version of Prelude SIEM.

 
| Versions | Prelude OSS | Prelude SIEM |
|---|---|---|
| Standard | IDMEF | IDMEF, IODEF |
| Alerting | Simplified alert tray | Simplified & expert alert tray, many tools for alert analysis and visualization |
| Correlation | Simple correlation from Python scripts, deployment from the command line, 10 default rules | Correlation and performance from a metalanguage, rule editing and deployment via the web UI, 60 default rules |
| Selection | Rule editing via shell, regex and command line. 30 default equipments | Rule editing & deployment via the web UI. 100 default equipments |
| Archiving | Alert archiving only | Alert & log archiving in a NoSQL database, indexing and intuitive analysis interface |
| Analysis | Alert tray filtering | Browsable graph statistics, forensic graphs, reporting, compliance management |
| Architecture | Mono-server deployment | Multi-server architecture, relaying, high availability, failover |
| Rights | Mono-user, no authentication | Multi-user, LDAP authentication, user-rights & profile management |
| Operating system | Limited, many actions through "shell and command line" | Customized overview, customizable dashboard, integrated ticket management, workflow and knowledge base, multiple configuration web UIs |
| Performance | Real-time processing capacity limited by a non-optimized database schema. Performance decreases as the volume of archived alerts increases | Millions of alert notifications are possible in a day. Search time up to 30 times faster than the Prelude OSS version |