| Key | Value |
|---|---|
| FileSize | 213408 |
| MD5 | 2452E0C04C1CCE71ED41C787506E48F1 |
| PackageDescription | Security Information and Events Management System [ Log Agent ] The Prelude Log Monitoring Lackey (LML) is the host-based sensor program part of the Prelude SIEM suite. It can act as a centralized log collector for local or remote systems, or as a simple log analyzer (such as swatch). It can run as a network server listening on a syslog port or analyze log files. It supports logfiles in the BSD syslog format and is able to analyze any logfile by using the PCRE library. It can apply logfile-specific analysis through plugins such as PAX. It can send an alert to the Prelude Manager when a suspicious log entry is detected. |
| PackageMaintainer | Pierre Chifflier <pollux@debian.org> |
| PackageName | prelude-lml |
| PackageSection | admin |
| PackageVersion | 4.1.0-2 |
| SHA-1 | 104CA582AEE75274E483167EEC0B31EB1062A7B8 |
| SHA-256 | E33FAAE2DF4B1D01A129C58E6466F67F67DAEF2050DF1383894909312D7090AE |
| hashlookup:children-total | 16 |
| hashlookup:trust | 50 |
The searched file hash includes 16 children files known and seen by metalookup. A sample is included below:
| Key | Value |
|---|---|
| FileName | ./usr/lib/mips64el-linux-gnuabi64/prelude-lml/debug.so |
| FileSize | 10704 |
| MD5 | A911871936133C51EF0A883F9AB41793 |
| SHA-1 | 03B9D5D440D500493D5AB0B56928730FBC026C12 |
| SHA-256 | E8B1A0FE63CE121EA363E36EB34DA6C1F6A75F749FC182328CE099B4A0214CBE |
| SSDEEP | 96:uQIBU4IxsIBWBcB9d8sbJbqanqIs0X/J0X2e22r9ZlqiyCyRsAoEHXN:uiB80TsJr9Z |
| TLSH | T1D822A69EFB189E2BC1D54F32C46F8A64133F6D5E639203235A6892B12C4BB4C4FC548A |
| Key | Value |
|---|---|
| FileName | ./etc/prelude-lml/prelude-lml.conf |
| FileSize | 6917 |
| MD5 | 4B210089C022CDA5FEEA7F84D448EF59 |
| SHA-1 | 2A4275053E100658A3AABDC4B42FAFFCCCFBEE6D |
| SHA-256 | 1034D4064DA3BA5574B02FA1EAB815AA3CFC27C653A477AB40D3BAB0E06D469F |
| SSDEEP | 192:mKqkehijEnNUiXyB0Xus6vzGUgp4MlO25e:mkSPUsWkOP |
| TLSH | T133E17466D24D373B13CB03A150AEE1DD9B3D904D6E73341262DD98683201E7892FBBE5 |
| Key | Value |
|---|---|
| FileName | ./usr/share/doc/prelude-lml/HACKING.README |
| FileSize | 756 |
| MD5 | 1475976CC703D5CACF83483486774A0B |
| SHA-1 | 2FCBA98BFEAFCEA21E12CAD85F979583F9B51DA0 |
| SHA-256 | 1DB2E6985C825EB5742271954E017E2F8DDEE0A11A022EDDA6F9A00C19F7846C |
| SSDEEP | 12:hBe+oVOrqLRh1y4AvoInFbyE0MevyCmFQMl9Kr1yAHkxbpfgtthcAkU5tDWg2:XywrqLvw49IxM5yCmFjqNHkxNEeAvW |
| TLSH | T19D01D01EF26C62A4198105E17682E3F2660F41DACB324432E257D4C533BBA7E853F5DD |
| Key | Value |
|---|---|
| FileName | ./usr/bin/prelude-lml |
| FileSize | 149544 |
| MD5 | D6625F7346838960C6625733C4B45B98 |
| SHA-1 | 364472DE37125C6DED0B35518432BE6114D09797 |
| SHA-256 | 8E8C42B5C63E7F8584F3E5BC5840139E159B0BB8EF26B1E7D40F3BDEFE7FC06B |
| SSDEEP | 3072:LttXQtAdV5ddtFd6VVTdjmT6tdGNPHLV5bPNRNmMIpvNbw4bEvjOOF53IfZpuE:LBBHjmpNFEvjBFlIP |
| TLSH | T145E31A43BB0D6E26D4D6CF31847AC2620F3C3CEBA2514B637A9C59A86D0F5CE0ED6549 |
| Key | Value |
|---|---|
| FileName | ./usr/share/doc/prelude-lml/changelog.Debian.gz |
| FileSize | 3014 |
| MD5 | E9F0C0666FC932F99FA5A167388FE448 |
| SHA-1 | 44B8C8DFCA878E5AE9B267C22CCAF09494A7EE9C |
| SHA-256 | 3960BF86FC2D94B0BF418C50931A13BEA53B0B567418128A8AD0871CD908D5A6 |
| SSDEEP | 48:XYuPxJB1oFyoclBTxlRlKSmirigY8ZQkbjUMD54wH9T+fbbbR9bK3XKLug+53drm:oObB1OclBT9ovi3Yqmyt+fbbbRVK36YS |
| TLSH | T1E2515DBEC81C5DF10EE92C30C15E5618A62C113EFD8F552074E3C46BB4670AAD5CE684 |
| Key | Value |
|---|---|
| FileName | ./usr/share/doc/prelude-lml/README.Debian |
| FileSize | 517 |
| MD5 | 1298A4E7F1407B397C009E970A0EA593 |
| SHA-1 | 487955E33B167AA2C765B8B1BC951E55608DC0BA |
| SHA-256 | 2FC3B69E22C20B480C2AA5B833AD58E4BB3096BF6AC1D2EEA10F0327426B581B |
| SSDEEP | 12:nkcoBHPyNmY/m5LaR9dEB+EsRFkcvhY1V2kK0huKIcKe/m9:QNKmY/m5LudEB+EsbhCfK0huKIcKeu9 |
| TLSH | T1F9F09EE66DCD788511F0DBEAF022C090D65BFC5E50407131700CE1EE410234C05CE210 |
| Key | Value |
|---|---|
| FileName | ./usr/share/doc/prelude-lml/copyright |
| FileSize | 7030 |
| MD5 | 1CBEF425C9C3FA5C7ADC119185A99A53 |
| SHA-1 | 50CCBF06F6C0F142785409FB58D1E05F9CB09037 |
| SHA-256 | 2298353684BA3A7062161C6E2D1EC4BE3C86396B91B307F5CC1487D34C0970BD |
| SSDEEP | 192:xZPRDLOrXc3vlRH3o13hy5pWo/z4zqeFs:xNRDars3vvXqhUWo/z4zqeFs |
| TLSH | T108E1854E1940C7BB19C01BA0394E95DEE31757EE767EC490105E939EAE0BB3A17F24E4 |
| Key | Value |
|---|---|
| FileName | ./usr/lib/mips64el-linux-gnuabi64/prelude-lml/pcre.so |
| FileSize | 38152 |
| MD5 | D8F7786C930A52E527D3A6D870A5657D |
| SHA-1 | 5F1636D48BF767079D36BA58DF00A4F93C7C87FA |
| SHA-256 | D9D6366E521D4BDDC89C4D4A5FD84878591C4D4343888A441CC09C9FE741330C |
| SSDEEP | 768:v4TNzcT/tEelW1E8IKYPj3r2ObXlJmKd51q:vocT/tEelWIj3SODlgKz1q |
| TLSH | T1CB03F856AB481D2BE0D3CF31CE7BD1641B3C3C6A62604352F6DC46ED5D0FB9D8A8644A |
| Key | Value |
|---|---|
| FileName | ./lib/systemd/system/prelude-lml.service |
| FileSize | 152 |
| MD5 | 8C583644419BCD84F97511F76D10284A |
| SHA-1 | 9E329CC69398403460EDDA0CDA307153F7980D0A |
| SHA-256 | B1833CB9E3EAE96398A4645ED706256053E9BA15B6EE81F4ABED3BFC2200DD66 |
| SSDEEP | 3:zMZa7+rUSXABlRVGmDMzdK+aQ9sHSdS5czTLESkQmWA1+DRvn:z8tU6wlzGmDMzdK+aG858ILQmWA4Rv |
| TLSH | T1C3C08C29F48064A0980A2AABCE724BA85A504508AF8DF82436A124291AC0656A4348A9 |
| Key | Value |
|---|---|
| FileName | ./usr/share/doc/prelude-lml/changelog.gz |
| FileSize | 130440 |
| MD5 | C491AD306C3874741112AFF482CEDAFF |
| SHA-1 | AEF35D708636EA9C9FAF626B3DC45D38D90497B7 |
| SHA-256 | E7BB2173DA1C8DC2DACD71755C8C78866BEE90C1A10F2B54FF3FBF03C562C1CF |
| SSDEEP | 3072:R9e9lrNLKlL3v4l9coNKg3RS0KGFXGXwKPAnbPq/y/S4ydBFrcj:R9e/rNkzA3YmFBZGASAnbia/S4ydBFrY |
| TLSH | T134D312248439252D54981C96869BFB84DFE6AABA31376F3AF1C2F544782BF4CC670DD0 |