GnuTLS handshake failed: Internal error.

[salamtabet]

Hello,

I cloned the project into my Windows 10 machine and after typing "make" into the command line, it's giving the following error: GnuTLS handshake failed: Internal error. Particularly, prelude-lml is giving this error when trying to connect to the prelude-manager Here's a screenshot of the error:

I would really appreciate it if anyone can help.

[fpoirotte]

Hi,

Could you post the full output of the make command? If the error is raised by Prelude Correlator rather than docker/podman, you may also want to report the issue on Prelude SIEM's bug tracker directly (https://www.prelude-siem.org/)

Regards, François

[salamtabet]

Thanks for your reply. I already deleted this from Windows and transferred to a Linux OS, and it's working there.

I have a little question: where and how can I access Prelude database or alerts (I need the alerts to be in a single file to be processed later by another program)

Thanks in advance.

[fpoirotte]

Hi, glad to hear you managed to solve your initial problem;

The alerts are stored in a postgresql database named "prelude" running inside the "db-alerts" container. You can log into the database from another container connected to the "alerts" network using the "prelude" login and the password configured inside secrets/alerts_db ("prelude" by default).

Alternatively, you can edit dockerfiles/manager/Dockerfile so as to install additional reporting plugins that match your needs, and then edit the default configuration in files/etc/prelude-manager/prelude-manager.conf to make use of those plugins. See https://github.com/Prelude-SIEM/prelude-manager/tree/master/plugins/reports for a list of available reporting plugins and the Prelude SIEM wiki for more information on how to configure them.

[salamtabet]

Thank you!