Overview
Beltane is a web-based central
management console for the
Samhain file integrity / intrusion
detection system. It enables the administrator to browse client messages,
acknowledge them, and update centrally stored file signature databases.
As the Samhain daemon keeps a memory of file changes, the file signature database need only be up to date when the daemon restarts and downloads the database from the central server. Beltane allows you to use the information logged by the client in order to update the signature database.
Requirements
Beltane requires a Samhain (version 1.6.0 or higher) client/server installation, with file signature databases stored on the central server, and logging to an SQL database enabled.
Beltane is a PHP application, with some additional components written in C. It requires PHP version 5.0 or later, compiled as Apache module or as CGI interpreter.
On the client side, Beltane requires a Javascript capable browser, with cookies enabled. We recommend Mozilla/Firefox, as it is rumoured to be the most standard-conforming browser, but most inferior browsers may work as well.
Documentation
Documentation is provided as SGML and HTML files within the tarball. It is strongly recommended to read the documentation before attempting to install Beltane.
Beltane I
Beltane I is a free prototype which provides the basic functionality as described above. However, due to design problems that were only fixed in Beltane II the performance for baseline updates is poor, and thus Beltane I may not be very useful if you have more than a single client. Beltane I is available under the GNU Public License.
beltane-1.0.21.tar.gz (205 kB)
Release date: Oct 31, 2016
SHA-256 checksum: 1fcdd0 684ed4 78ef54 f3ccd9
395fab ec4f32 3ed833 532655 9efb34 e7b2c3 3408
PGP signature: beltane-1.0.21.tar.gz.sig
Copyright © 2002-2016 Rainer Wichmann.
Beltane 1 ("the software") is distributed under the terms of the
GNU General Public Licence
("GPL").
Beltane II
Beltane II is targeted at users with large samhain client/server installations, and offers features for significantly improved scalability and usability in such environments.
Feel free to have a look at some Screenshots.
Beltane II provides:
- Major performance and scalability improvements for reduced memory consumption, much faster baseline database updates, and faster reload of the client panel
- Support for Oracle Database (Beltane version 2.1.1 and above)
- Client Status Display (running/dead/unknown)
- Sorting and Filtering of the message list, as well as a Search function.
- Cryptographic Signing of client file signature databases after an update
- Multiple Users with logging of login/logouts, separation of samhain clients into different groups, HTTP authentication, LDAP authentication.
- Diff viewing for modified files if full file content is stored in baseline database (this is possible since samhain version 2.4.4).
- User Manual available online.
Obtaining Beltane II
Beltane II is not distributed under the terms of the GNU Public license. In particular, redistribution is not permitted. Please read the license for details.
With your license, you will obtain the password for the Beltane II download directory. You will then be able to download the newest version of Beltane II whenever you wish, as often as you wish.
Commercial license options
For unlimited licenses (unlimited number of Beltane II installations and managed samhain clients), as well as for any other license and/or payment options, please refer to Samhain Services.
Beltane II download (password required)
beltane-2.7.3.tar.gz
(711 kB)
Release date: May 10, 2022
SHA-256 checksum: df0cf85a9dc4821d21479d48b359afa3c0a4877e0b6f437464d56279cecf45a3
PGP signature: beltane-2.7.3.tar.gz.sig
