| Key | Value |
|---|---|
| FileSize | 209952 |
| MD5 | F61C8E31F43B27D45C665107C822C23F |
| PackageDescription | Security Information and Events Management System [ Log Agent ] The Prelude Log Monitoring Lackey (LML) is the host-based sensor program part of the Prelude SIEM suite. It can act as a centralized log collector for local or remote systems, or as a simple log analyzer (such as swatch). It can run as a network server listening on a syslog port or analyze log files. It supports logfiles in the BSD syslog format and is able to analyze any logfile by using the PCRE library. It can apply logfile-specific analysis through plugins such as PAX. It can send an alert to the Prelude Manager when a suspicious log entry is detected. |
| PackageMaintainer | Pierre Chifflier <pollux@debian.org> |
| PackageName | prelude-lml |
| PackageSection | admin |
| PackageVersion | 4.1.0-2 |
| SHA-1 | 227C3249695174B2081FCC40C0FE1DE9F3F31024 |
| SHA-256 | CB7CCCCB89DE0089015507ED96565DDFC5787B6D141C65413D452178330E606B |
| hashlookup:children-total | 16 |
| hashlookup:trust | 50 |
The searched file hash includes 16 children files known and seen by metalookup. A sample is included below:
| Key | Value |
|---|---|
| FileName | ./etc/prelude-lml/prelude-lml.conf |
| FileSize | 6917 |
| MD5 | 4B210089C022CDA5FEEA7F84D448EF59 |
| SHA-1 | 2A4275053E100658A3AABDC4B42FAFFCCCFBEE6D |
| SHA-256 | 1034D4064DA3BA5574B02FA1EAB815AA3CFC27C653A477AB40D3BAB0E06D469F |
| SSDEEP | 192:mKqkehijEnNUiXyB0Xus6vzGUgp4MlO25e:mkSPUsWkOP |
| TLSH | T133E17466D24D373B13CB03A150AEE1DD9B3D904D6E73341262DD98683201E7892FBBE5 |
| Key | Value |
|---|---|
| FileName | ./usr/share/doc/prelude-lml/HACKING.README |
| FileSize | 756 |
| MD5 | 1475976CC703D5CACF83483486774A0B |
| SHA-1 | 2FCBA98BFEAFCEA21E12CAD85F979583F9B51DA0 |
| SHA-256 | 1DB2E6985C825EB5742271954E017E2F8DDEE0A11A022EDDA6F9A00C19F7846C |
| SSDEEP | 12:hBe+oVOrqLRh1y4AvoInFbyE0MevyCmFQMl9Kr1yAHkxbpfgtthcAkU5tDWg2:XywrqLvw49IxM5yCmFjqNHkxNEeAvW |
| TLSH | T19D01D01EF26C62A4198105E17682E3F2660F41DACB324432E257D4C533BBA7E853F5DD |
| Key | Value |
|---|---|
| FileName | ./usr/share/doc/prelude-lml/changelog.Debian.gz |
| FileSize | 3014 |
| MD5 | E9F0C0666FC932F99FA5A167388FE448 |
| SHA-1 | 44B8C8DFCA878E5AE9B267C22CCAF09494A7EE9C |
| SHA-256 | 3960BF86FC2D94B0BF418C50931A13BEA53B0B567418128A8AD0871CD908D5A6 |
| SSDEEP | 48:XYuPxJB1oFyoclBTxlRlKSmirigY8ZQkbjUMD54wH9T+fbbbR9bK3XKLug+53drm:oObB1OclBT9ovi3Yqmyt+fbbbRVK36YS |
| TLSH | T1E2515DBEC81C5DF10EE92C30C15E5618A62C113EFD8F552074E3C46BB4670AAD5CE684 |
| Key | Value |
|---|---|
| FileName | ./usr/share/doc/prelude-lml/README.Debian |
| FileSize | 517 |
| MD5 | 1298A4E7F1407B397C009E970A0EA593 |
| SHA-1 | 487955E33B167AA2C765B8B1BC951E55608DC0BA |
| SHA-256 | 2FC3B69E22C20B480C2AA5B833AD58E4BB3096BF6AC1D2EEA10F0327426B581B |
| SSDEEP | 12:nkcoBHPyNmY/m5LaR9dEB+EsRFkcvhY1V2kK0huKIcKe/m9:QNKmY/m5LudEB+EsbhCfK0huKIcKeu9 |
| TLSH | T1F9F09EE66DCD788511F0DBEAF022C090D65BFC5E50407131700CE1EE410234C05CE210 |
| Key | Value |
|---|---|
| FileName | ./usr/share/doc/prelude-lml/copyright |
| FileSize | 7030 |
| MD5 | 1CBEF425C9C3FA5C7ADC119185A99A53 |
| SHA-1 | 50CCBF06F6C0F142785409FB58D1E05F9CB09037 |
| SHA-256 | 2298353684BA3A7062161C6E2D1EC4BE3C86396B91B307F5CC1487D34C0970BD |
| SSDEEP | 192:xZPRDLOrXc3vlRH3o13hy5pWo/z4zqeFs:xNRDars3vvXqhUWo/z4zqeFs |
| TLSH | T108E1854E1940C7BB19C01BA0394E95DEE31757EE767EC490105E939EAE0BB3A17F24E4 |
| Key | Value |
|---|---|
| FileName | ./lib/systemd/system/prelude-lml.service |
| FileSize | 152 |
| MD5 | 8C583644419BCD84F97511F76D10284A |
| SHA-1 | 9E329CC69398403460EDDA0CDA307153F7980D0A |
| SHA-256 | B1833CB9E3EAE96398A4645ED706256053E9BA15B6EE81F4ABED3BFC2200DD66 |
| SSDEEP | 3:zMZa7+rUSXABlRVGmDMzdK+aQ9sHSdS5czTLESkQmWA1+DRvn:z8tU6wlzGmDMzdK+aG858ILQmWA4Rv |
| TLSH | T1C3C08C29F48064A0980A2AABCE724BA85A504508AF8DF82436A124291AC0656A4348A9 |
| Key | Value |
|---|---|
| FileName | ./usr/lib/arm-linux-gnueabihf/prelude-lml/pcre.so |
| FileSize | 21928 |
| MD5 | C59059D72303D7E8E27DB5033A89D8C8 |
| SHA-1 | A6359DA2FB1145634AFFEBC941E98B5F4EDBD994 |
| SHA-256 | E8E795B74B690F4DC17A20852D339FD573D306E3D47BD1693A6F506B0192C7C0 |
| SSDEEP | 384:wpjRcH/jTAc2aDkjRHNLWTWeroDopZf3wHZjDCODgVzpuS4W+CrktPeI2L/:8cH/jTAcaN4Wes8psiOUzAW1rk6L |
| TLSH | T14BA21AE5A37AD51FC88023BD995A9E4636108189824C7F92E55C40ECBF4FB78CDE7D12 |
| Key | Value |
|---|---|
| FileName | ./usr/share/doc/prelude-lml/changelog.gz |
| FileSize | 130440 |
| MD5 | C491AD306C3874741112AFF482CEDAFF |
| SHA-1 | AEF35D708636EA9C9FAF626B3DC45D38D90497B7 |
| SHA-256 | E7BB2173DA1C8DC2DACD71755C8C78866BEE90C1A10F2B54FF3FBF03C562C1CF |
| SSDEEP | 3072:R9e9lrNLKlL3v4l9coNKg3RS0KGFXGXwKPAnbPq/y/S4ydBFrcj:R9e/rNkzA3YmFBZGASAnbia/S4ydBFrY |
| TLSH | T134D312248439252D54981C96869BFB84DFE6AABA31376F3AF1C2F544782BF4CC670DD0 |
| Key | Value |
|---|---|
| FileName | ./usr/lib/arm-linux-gnueabihf/prelude-lml/debug.so |
| FileSize | 5384 |
| MD5 | 9429FF06A5A06E92D708BF5954FAD791 |
| SHA-1 | C573B736D81CF49907B2808E470EB4A2DBEA2108 |
| SHA-256 | A49357E7C588B98CAFDF4C6DA0C7B39288E418B5668C4583234BF1535489C164 |
| SSDEEP | 96:vkz87R0BWBc99JfPQkYx+X/KrVimFRNkKtrvz4LZMFA2:s38q4kYSKr0iR6ewM |
| TLSH | T161B185CBB2A76EB7C4514372D1BF4A801A21E495229B4B1377D450B02EB35F89C7396F |
| Key | Value |
|---|---|
| FileName | ./usr/include/prelude-lml/prelude-lml.h |
| FileSize | 2439 |
| MD5 | 9A72521F2588924E6A03B1DF1B06E871 |
| SHA-1 | CC634DDA111D1365B631E1871E3C033309CB4764 |
| SHA-256 | DB0633C74EFB1F5703926B8FE6D8A4BD8EE06FD06F6D04DF4364E7A226486CF5 |
| SSDEEP | 48:9amdpey3HTyiDNxUbta6zr4yno6SuYUSui7WoPoFnojTTnOB05s:9TBD0XZ/Z |
| TLSH | T13441A9D0983EC7A63DB20BF120D652C3600962ED7A65DAC2754EF35C446737C1222BA3 |