I just wrote code to a well-known sensor to support Prelude IDS log output. As IDS folks may know, this leads an interesting path to correlation.


I also wrote documentation about this, from the very beginning which is: grab sensor svn sources, find the exit point (how I found it) and write the Prelude code.