| Key | Value |
|---|---|
| MD5 | 5BEDF96852DC82BA8892DAE181D9360B |
| PackageArch | armv7hl |
| PackageDescription | The Prelude Log Monitoring Lackey (LML) is the host-based sensor program part of the Prelude SIEM suite. It can act as a centralized log collector for local or remote systems, or as a simple log analyzer (such as swatch). It can run as a network server listening on a syslog port or analyze log files. It supports log files in the BSD syslog format and is able to analyze any log file by using the PCRE library. It can apply log file specific analysis through plugins such as PAX. It can send an alert to the Prelude Manager when a suspicious log entry is detected. |
| PackageMaintainer | Fedora Project |
| PackageName | prelude-lml |
| PackageRelease | 3.fc34 |
| PackageVersion | 5.2.0 |
| SHA-1 | 465E9C88FDB0C814746FFC8FD7EB755A7E1EB357 |
| SHA-256 | 46F0B5159EECF6E2F94D117CB5D5514FB7C1ECDC6CCCFAA7DF62B5A34F8AFD20 |
| hashlookup:children-total | 13 |
| hashlookup:trust | 50 |
The searched file hash includes 13 children files known and seen by metalookup. A sample is included below:
| Key | Value |
|---|---|
| FileName | ./usr/sbin/prelude-lml |
| FileSize | 120428 |
| MD5 | 16F054A95532BB8CC620EC6DF0D104C3 |
| SHA-1 | BDA46170C05F3B842E1537411A6C38EDD6646405 |
| SHA-256 | 86F2D4130BA2FBEAC8CFDD228871A0096D34A72005475738F1AD259C7055AC75 |
| SSDEEP | 1536:CyOHKRvoA6sE99ZKE0hiYULYUfr0MQ9sPUhFMzroi7FczyO238PPWB40z+2fP14L:CyaKfuZ0G9Rr+Z48PPWbnD/ilXrkg |
| TLSH | T15AC31AAAF440DB76C9D01274770B8379322356B8D3D7A722DE0A91343EA64AC4637F5E |
| Key | Value |
|---|---|
| FileName | ./etc/prelude-lml/plugins.rules |
| FileSize | 836 |
| MD5 | 446480A94DE7E09917ACD9C48361234B |
| SHA-1 | CCC52AC2BE9F8DCFFA54115CD8F46FC7995DC8D5 |
| SHA-256 | 6E009A53AD344BD1563EA2A2B79A8D3F53886948567979355EA3FCCD2C3F6BF9 |
| SSDEEP | 24:SslZ+0CJBxd1ayS3EPSR0LSjTWdEkoF7lS5EPgLRSaAgm:S++0CJBX1ayS3yS+LSncEnS5ygLqgm |
| TLSH | T172014C1F878D253101E584E23099E1D9462AD2D9ABF0E091F7DE855C6B3497E51A9D40 |
| tar:gname | bin |
| tar:uname | root |
| Key | Value |
|---|---|
| FileName | ./usr/lib/systemd/system/prelude-lml.service |
| FileSize | 138 |
| MD5 | 6418C224E5053F6383BDB625BB5AB03F |
| SHA-1 | 213258946530DD5C99AD5F1030A6620935523DE7 |
| SHA-256 | 1BF3E17E9BF20FD5E70A41860F89C56381512EBBC3487F767031422136046939 |
| SSDEEP | 3:zMZa7+rUSXABlRVGmDMzdK+aQmMSv2rSkQmWA1+DRvn:z8tU6wlzGmDMzdK+aBJcLQmWA4Rv |
| TLSH | T14DC02B25F440B0B1980B2EABCE3247A849104648EF8CF4207AB2142D06C450A94300BD |
| Key | Value |
|---|---|
| FileName | ./usr/share/doc/packages/prelude-lml/HACKING.README |
| FileSize | 780 |
| MD5 | CE979EC4C4C9FD55949BA6867F0EB356 |
| SHA-1 | 2D6ACFF0197B79132F46DBE5FAFAC14975C0E1F0 |
| SHA-256 | 5CE75927A9FE75588107C5E2A7BF5979807A22A5AA9F21DFB3EB7497F9FB6DDB |
| SSDEEP | 12:hBe+oVOrqLRh15X2voInFi2yE0MevyCmFQMl9Kr1yAHkxbpfgtthcAkU5tDWg2:XywrqLvzHIE2M5yCmFjqNHkxNEeAvW |
| TLSH | T13E01F11EF36C62A8254609917282E3F6A20F41DACB214431E116D4C533BAA7E853F5DD |
| Key | Value |
|---|---|
| CRC32 | 4E46F4A1 |
| FileName | ./usr/share/cmake/Templates/fedora/gpl-2.0.txt |
| FileSize | 18092 |
| KnownMalicious | malshare.com |
| MD5 | B234EE4D69F5FCE4486A80FDAF4A4263 |
| OpSystemCode | 362 |
| ProductCode | 15109 |
| RDS:package_id | 313212 |
| SHA-1 | 4CC77B90AF91E615A64AE04893FDFFA7939DB84C |
| SHA-256 | 8177F97513213526DF2CF6184D8FF986C675AFB514D4E68A404010521B880643 |
| SHA-512 | AEE80B1F9F7F4A8A00DCF6E6CE6C41988DCAEDC4DE19D9D04460CBFB05D99829FFE8F9D038468EABBFBA4D65B38E8DBEF5ECF5EB8A1B891D9839CDA6C48EE957 |
| SSDEEP | 384:ghUwi5rpL676yV12rPd34ZomzM2FR+dWF7jUI:gmFWixMFzMdm7jUI |
| SpecialCode | |
| TLSH | T13A82A42E770443F205C202A16A4F68DFA32AD5B9723E1155386DC15E236FE35C3BFA99 |
| db | nsrl_legacy |
| insert-timestamp | 1728991626.679368 |
| mimetype | text/plain |
| nsrl-sha256 | rds241-sha256.zip |
| source | snap:MmD5jWldYNMNgb2rFFht3FNKGJx1FLLV_613 |
| tar:gname | root |
| tar:uname | root |
| Key | Value |
|---|---|
| FileName | ./usr/lib/prelude-lml/debug.so |
| FileSize | 10416 |
| MD5 | 5CFAE2F83968519D37472A3411122137 |
| SHA-1 | D2F6A91500B3793FF76F658F89B2354BB0B1409E |
| SHA-256 | 5458B44A8909DD34D5C2A71B56C5BB6751908CE6D16659CA227F94EB683C525F |
| SSDEEP | 96:3Vde9BWBcih/6lFJfK2bY8GoIr7h60A1lbctQMBVF3/qIpqZ/AIDNhwyI:Fda8YlFJ4o+GfbOtvJpo/hh |
| TLSH | T13922C88EF1AA9FF7C8D01279A17B4A612322C99646C74713924436643F676A84EE3D0B |
| Key | Value |
|---|---|
| FileName | ./usr/lib/tmpfiles.d/prelude-lml.conf |
| FileSize | 36 |
| MD5 | 6E1EE4B44ECA83D673275BFBAAC16AEE |
| SHA-1 | 6DB5DE0E9DCA111560CF6026AFE4E1D873F90E62 |
| SHA-256 | 65B86C577B7A26A43656ACC949EF66D04844AA7EF114CF8428019DD33D182953 |
| SSDEEP | 3:kQe4VjP3HWn:kQldP3HW |
| TLSH |
| Key | Value |
|---|---|
| FileName | ./usr/share/doc/packages/prelude-lml/README |
| FileSize | 1742 |
| MD5 | A5924B09DE4B82B6F15A5BE943CA79F2 |
| SHA-1 | CBF9D34C6A6077CE6250E1E681663EBFF1E19795 |
| SHA-256 | E36B8D95200965696F8FB79B0338C070E7A370B6B52F1227F7187AC201B3B4E0 |
| SSDEEP | 24:ykwdzTaLVNECo7w5QlXlunfy1XICIrYKZQgDnJkt8MswCHJfVKcDwaq+ygXA:SwECo7Hlua1XtKZQg1kt8DXJfVsP |
| TLSH | T1AE3116FFA2687270734525C87216E0FBCBA375AEE2602571FC9C94D5632A39C4236B85 |
| Key | Value |
|---|---|
| FileName | ./usr/lib/.build-id/f6/26592f65c719541dad587990993c382e698b90 |
| FileSize | 40 |
| MD5 | 58499137AF55413F1A790DF1276475BE |
| SHA-1 | F8A28EE6FC70F1DCF6281DC75C135E4437D25341 |
| SHA-256 | D384406137AF099CE08DE644E5C71F51BC6011AE0C5F0B2706F94E0ADCAF0177 |
| SSDEEP | 3:gCD/43BEN:X/cEN |
| TLSH |
| Key | Value |
|---|---|
| FileName | ./etc/prelude-lml/prelude-lml.conf |
| FileSize | 7191 |
| MD5 | 9F413DD828C3D401762CECA4E2CFC919 |
| SHA-1 | 3200F3F42A0E4F69CADCE4AF0D8E14A8675C0503 |
| SHA-256 | FC654F5231D96AEB077CD59B575F729FD8BCE12F7D216BD4316727488150E851 |
| SSDEEP | 192:mKqkehijEnNUiMyB0Xus6vzGogpcNadGSO25e:mkSkUsW+OP |
| TLSH | T12DE17566D24D363B13CF13A150AEE2DD9B3D904D6E73302162DD98687201E7892FBBE5 |
| Key | Value |
|---|---|
| FileName | ./usr/lib/.build-id/42/11fcc96abda84a0084958a012692ab7b290626 |
| FileSize | 39 |
| MD5 | 6F87625166C749D56E7DE47B4540D9CC |
| SHA-1 | 1B8FB5D8F908ADA66F834EAF2300867BED10D070 |
| SHA-256 | 177A01BD24FE3F54F653D5C1345A4FF32C40BD456E7A6B7E414B37051AB1B1E8 |
| SSDEEP | 3:gCD/43VwKn:X/IwK |
| TLSH |
| Key | Value |
|---|---|
| FileName | ./usr/lib/.build-id/63/02b6bfc25846d647ba4dec993ff3f4dd83ed58 |
| FileSize | 32 |
| MD5 | 5E93B0CD1DA9245551389EFF574F33AD |
| SHA-1 | AD0C142622AB684C99FF78FF69DF971427E5E5BF |
| SHA-256 | 38BEDF3DAE95EA1618C2076D21DAA4468A8F3E85C5C777CC68A612ADED4C6F78 |
| SSDEEP | 3:gCD2MI:X2R |
| TLSH |
| Key | Value |
|---|---|
| FileName | ./usr/lib/prelude-lml/pcre.so |
| FileSize | 31640 |
| MD5 | 620E2D34118190021E53257F6202ADA1 |
| SHA-1 | 31E791410FCB62B08A8EB8DB7DC1938AADCAB95B |
| SHA-256 | BD326F7A22F496A9A5A7767A42CD4CD06DE1043065C2F3C5045EA96A99BDD81A |
| SSDEEP | 768:4+sWZ0SBo1Yq75jdC+rIt39Bc4iO81rWDewHIZs6GiBjFkW0O0429mLieOY:FzZ0SBo1Y45jdatNBc4iO81rWSwHIZ/T |
| TLSH | T1E4E2E8DAF0909A72C6C05675F769875C33B353B483CBA702DA1841B42EB6AAC4D77F06 |