| Key | Value |
|---|---|
| FileSize | 217512 |
| MD5 | A3393FF6381DC565D0C1F9431F4DAB02 |
| PackageDescription | Security Information and Events Management System [ Log Agent ] The Prelude Log Monitoring Lackey (LML) is the host-based sensor program part of the Prelude SIEM suite. It can act as a centralized log collector for local or remote systems, or as a simple log analyzer (such as swatch). It can run as a network server listening on a syslog port or analyze log files. It supports logfiles in the BSD syslog format and is able to analyze any logfile by using the PCRE library. It can apply logfile-specific analysis through plugins such as PAX. It can send an alert to the Prelude Manager when a suspicious log entry is detected. |
| PackageMaintainer | Pierre Chifflier <pollux@debian.org> |
| PackageName | prelude-lml |
| PackageSection | admin |
| PackageVersion | 5.2.0-2 |
| SHA-1 | 0406879ECE460A014E65D5636F3E5DEE49901FFA |
| SHA-256 | 9AFDAC9CBC36959ADD2F7DA663B319C2B28FC66EE7BED8155138ECDBA8645B4E |
| hashlookup:children-total | 16 |
| hashlookup:trust | 50 |
The searched file hash includes 16 children files known and seen by metalookup. A sample is included below:
| Key | Value |
|---|---|
| FileName | ./usr/bin/prelude-lml |
| FileSize | 136872 |
| MD5 | 52EA373B997856B3ACAFFA3F0296B28A |
| SHA-1 | 021948A42B81633FC2B32499DE74EEA76DB4BFA4 |
| SHA-256 | BF89394815EE09A67343C2DB0BB20AAE7D2BB92AF7634FDFA98BC1E71D7CA534 |
| SSDEEP | 3072:kbIjd5GGQN5mQNZJAjg4DfIZGzBV0L/8auhcf99tzEZG6lP0wShO7/7n/3qzWymO:6N5zNZJAjg4DfIZGzBOL/8auhcfftzEf |
| TLSH | T172D31943BB4D6D26D4D6CF36847AC2610F3C38ABA35117237A9C89A9AD0F9CD0FC6449 |
| Key | Value |
|---|---|
| FileName | ./usr/share/doc/prelude-lml/changelog.gz |
| FileSize | 137987 |
| MD5 | B8EBABA1651CCD7E59E9B39F7E2D1A44 |
| SHA-1 | 034354933B974C012E66B8AB804C95860A31FF4E |
| SHA-256 | BEA7810214DE662B66F22038E98C9C94472F6D3CA100E2D2417270E839817953 |
| SSDEEP | 3072:G/qLSN0y6DgAEAQ4oJmYkmIIBqsk6OP2BpDNSbgAyWTmOtY:GSm66tkmIIBC6eOtNS3pY |
| TLSH | T176D3127792603853DBD726278AE5E1F2BECF64BA498BFDA050349DFE818357404D2583 |
| Key | Value |
|---|---|
| FileName | ./usr/share/doc/packages/prelude-lml/HACKING.README |
| FileSize | 780 |
| MD5 | CE979EC4C4C9FD55949BA6867F0EB356 |
| SHA-1 | 2D6ACFF0197B79132F46DBE5FAFAC14975C0E1F0 |
| SHA-256 | 5CE75927A9FE75588107C5E2A7BF5979807A22A5AA9F21DFB3EB7497F9FB6DDB |
| SSDEEP | 12:hBe+oVOrqLRh15X2voInFi2yE0MevyCmFQMl9Kr1yAHkxbpfgtthcAkU5tDWg2:XywrqLvzHIE2M5yCmFjqNHkxNEeAvW |
| TLSH | T13E01F11EF36C62A8254609917282E3F6A20F41DACB214431E116D4C533BAA7E853F5DD |
| Key | Value |
|---|---|
| FileName | ./usr/share/doc/prelude-lml/changelog.Debian.gz |
| FileSize | 3458 |
| MD5 | D2C8707D8C3568BA5717C610185EB704 |
| SHA-1 | 416AE6977859E9A95C81B52C7671C5FDFCBDDAB4 |
| SHA-256 | 51CAA4D0ACA61620C1FBCC483100FF9D2C4BB4AE9A8C5E14E92928ADA01ED8BD |
| SSDEEP | 96:TZAx2jYG7JcxNwF6lXUwU+FXqf/HaLTInQri1D6w:OojNi9VU5+wvhneg |
| TLSH | T1F7618F931A02F7F58D199EF974CDF5257A1DE3B850BDB05C10D4254FA05483E46820FD |
| Key | Value |
|---|---|
| FileName | ./usr/share/doc/prelude-lml/README.Debian |
| FileSize | 517 |
| MD5 | 1298A4E7F1407B397C009E970A0EA593 |
| SHA-1 | 487955E33B167AA2C765B8B1BC951E55608DC0BA |
| SHA-256 | 2FC3B69E22C20B480C2AA5B833AD58E4BB3096BF6AC1D2EEA10F0327426B581B |
| SSDEEP | 12:nkcoBHPyNmY/m5LaR9dEB+EsRFkcvhY1V2kK0huKIcKe/m9:QNKmY/m5LudEB+EsbhCfK0huKIcKeu9 |
| TLSH | T1F9F09EE66DCD788511F0DBEAF022C090D65BFC5E50407131700CE1EE410234C05CE210 |
| Key | Value |
|---|---|
| FileName | ./usr/share/doc/prelude-lml/copyright |
| FileSize | 7042 |
| MD5 | FD3812A430FE63F003C96F99CD0161BB |
| SHA-1 | 77CCAFEDD12E5C02306373C6DD53FF79E61163C6 |
| SHA-256 | 50A5508C4A8FCD0B26167DF51CD1DE94A014AE1ACDA2D9350B5818E6785289D7 |
| SSDEEP | 192:x4PE6LOrXc3vlRH3o13hy5pWo/z4zqeFs:xSE6ars3vvXqhUWo/z4zqeFs |
| TLSH | T1F6E1964E1A40C7BB19C01BA0394F95DAE31757EE767EC490105E938E9E0BB3A27F64D4 |
| Key | Value |
|---|---|
| FileName | ./usr/lib/mips64el-linux-gnuabi64/prelude-lml/pcre.so |
| FileSize | 38168 |
| MD5 | CF94C10EE57D16A999E52AC032FD8768 |
| SHA-1 | 8E5403FB408AA7AD2867AFB3D6D6785E307E84C6 |
| SHA-256 | E0F7A3A6C7AD0063489CC436B27780C5A389B77BA84076E76C258ED462E359EB |
| SSDEEP | 384:V73pGcVTelbQsifUNXj1p+KhiFZl4rIm2V7I9p4XxGDu//hlgJGO9:V73pGcVTelHifUNRviFZ2r8bXxaq8 |
| TLSH | T15E03FA56A7185E26E0D2CF32CD3BD174077C2D6B63608352FA9C49ECAD0E79D4E8294B |
| Key | Value |
|---|---|
| FileName | ./usr/share/doc/prelude-lml/NEWS.gz |
| FileSize | 10715 |
| MD5 | BB6531860D1CE9E30ED71E422F34791B |
| SHA-1 | 9A0E6FADCE0C9DACD9EC9E80CAC69640C9D498F6 |
| SHA-256 | 90F121310BCB4188334A80A85E69EC32A7A50C4686E56D9B2ABC88AB8695DB56 |
| SSDEEP | 192:bwdYusZzHnVekEctQdvpZqDRlMjpyrbKS+b19r0nOhsiSfF05Nh1r:nVZVYctQtpZIMjGK5TvSINb |
| TLSH | T1D922AF9AB116CFA50D85A6E42D47E8057CB72CEDF0938AA45B4E52C287C88B5841F8F8 |
| Key | Value |
|---|---|
| FileName | ./lib/systemd/system/prelude-lml.service |
| FileSize | 152 |
| MD5 | 8C583644419BCD84F97511F76D10284A |
| SHA-1 | 9E329CC69398403460EDDA0CDA307153F7980D0A |
| SHA-256 | B1833CB9E3EAE96398A4645ED706256053E9BA15B6EE81F4ABED3BFC2200DD66 |
| SSDEEP | 3:zMZa7+rUSXABlRVGmDMzdK+aQ9sHSdS5czTLESkQmWA1+DRvn:z8tU6wlzGmDMzdK+aG858ILQmWA4Rv |
| TLSH | T1C3C08C29F48064A0980A2AABCE724BA85A504508AF8DF82436A124291AC0656A4348A9 |
| Key | Value |
|---|---|
| FileName | ./usr/share/doc/packages/prelude-lml/README |
| FileSize | 1742 |
| MD5 | A5924B09DE4B82B6F15A5BE943CA79F2 |
| SHA-1 | CBF9D34C6A6077CE6250E1E681663EBFF1E19795 |
| SHA-256 | E36B8D95200965696F8FB79B0338C070E7A370B6B52F1227F7187AC201B3B4E0 |
| SSDEEP | 24:ykwdzTaLVNECo7w5QlXlunfy1XICIrYKZQgDnJkt8MswCHJfVKcDwaq+ygXA:SwECo7Hlua1XtKZQg1kt8DXJfVsP |
| TLSH | T1AE3116FFA2687270734525C87216E0FBCBA375AEE2602571FC9C94D5632A39C4236B85 |