| Key | Value |
|---|---|
| FileSize | 82128 |
| MD5 | 58CFDC3B64E5EAE53770158A743EB05A |
| PackageDescription | Security Information and Events Management System [ Log Agent ] The Prelude Log Monitoring Lackey (LML) is the host-based sensor program part of the Prelude SIEM suite. It can act as a centralized log collector for local or remote systems, or as a simple log analyzer (such as swatch). It can run as a network server listening on a syslog port or analyze log files. It supports logfiles in the BSD syslog format and is able to analyze any logfile by using the PCRE library. It can apply logfile-specific analysis through plugins such as PAX. It can send an alert to the Prelude Manager when a suspicious log entry is detected. |
| PackageMaintainer | Ubuntu Developers <ubuntu-devel-discuss@lists.ubuntu.com> |
| PackageName | prelude-lml |
| PackageSection | admin |
| PackageVersion | 5.1.0-2 |
| SHA-1 | 6E0B0FF50BDE2E3B214F6B32017B3DC08D46012B |
| SHA-256 | 2D17970EE9A043E24B45F2F148CAB9B8CA01634FBD0D617B50B23B283F8A396D |
| hashlookup:children-total | 15 |
| hashlookup:trust | 50 |
The searched file hash includes 15 children files known and seen by metalookup. A sample is included below:
| Key | Value |
|---|---|
| FileName | ./usr/share/doc/prelude-lml/HACKING.README |
| FileSize | 756 |
| MD5 | 1475976CC703D5CACF83483486774A0B |
| SHA-1 | 2FCBA98BFEAFCEA21E12CAD85F979583F9B51DA0 |
| SHA-256 | 1DB2E6985C825EB5742271954E017E2F8DDEE0A11A022EDDA6F9A00C19F7846C |
| SSDEEP | 12:hBe+oVOrqLRh1y4AvoInFbyE0MevyCmFQMl9Kr1yAHkxbpfgtthcAkU5tDWg2:XywrqLvw49IxM5yCmFjqNHkxNEeAvW |
| TLSH | T19D01D01EF26C62A4198105E17682E3F2660F41DACB324432E257D4C533BBA7E853F5DD |
| Key | Value |
|---|---|
| FileName | ./usr/lib/x86_64-linux-gnu/prelude-lml/debug.so |
| FileSize | 14488 |
| MD5 | 7D057DFDA56C057807E04E217977C157 |
| SHA-1 | 233D36EA1573108CA804990917556337481B7E18 |
| SHA-256 | CFEEE4C594320BB530C43EC88CDB6B0D3B903A8C6694DD0536FBD15D5443C13B |
| SSDEEP | 192:Rw8/c/NMMavXvn/3PHfXvn/3PHfayqC6XGlGw5i:hc//avXvn/3PHfXvn/3PHfayqC62z |
| TLSH | T16152760ED220CE3EC5FCA272C59745712271A098B2B1163F7F9092761DE731856B3D99 |
| Key | Value |
|---|---|
| FileName | ./usr/bin/prelude-lml |
| FileSize | 137720 |
| MD5 | F9B4E7182831AB2608C9AB14843968AF |
| SHA-1 | 5EC425A9C3C544EB1AF2B6189D0F20FF4ACB5AF1 |
| SHA-256 | A9EA10C4394AE9C1DB69554BD1F727CB6C1532DF370B644129236D485981A12B |
| SSDEEP | 3072:DiA02JGgtXXJ/9S5BA4Tun7otv4T6k8r:DnBXJ/9S5GKu7M68r |
| TLSH | T156D3090FB1514D7CC4C0E571CAABE2526670B418A331262F3E4097B92EA6B7C5B7FE25 |
| Key | Value |
|---|---|
| FileName | ./etc/prelude-lml/plugins.rules |
| FileSize | 836 |
| MD5 | 446480A94DE7E09917ACD9C48361234B |
| SHA-1 | CCC52AC2BE9F8DCFFA54115CD8F46FC7995DC8D5 |
| SHA-256 | 6E009A53AD344BD1563EA2A2B79A8D3F53886948567979355EA3FCCD2C3F6BF9 |
| SSDEEP | 24:SslZ+0CJBxd1ayS3EPSR0LSjTWdEkoF7lS5EPgLRSaAgm:S++0CJBX1ayS3yS+LSncEnS5ygLqgm |
| TLSH | T172014C1F878D253101E584E23099E1D9462AD2D9ABF0E091F7DE855C6B3497E51A9D40 |
| tar:gname | bin |
| tar:uname | root |
| Key | Value |
|---|---|
| FileName | ./usr/include/prelude-lml/prelude-lml.h |
| FileSize | 2439 |
| MD5 | FC9298B3C4ABCC10B3DC7A1174446E42 |
| SHA-1 | C43D94F0BD3B67119993CA466888E08D3E934762 |
| SHA-256 | 9249B3E390B8DE2970B401141F15F400901B66F113723AC930721B2F338DADD4 |
| SSDEEP | 48:Hamdpey3HTyiDNxUbta6zr4yno6SuYUSui7WoPoFnojTTnOB05s:HTBD0XZ/Z |
| TLSH | T11441A9D1983EC7A63DB20BF120D652C3600962ED7A75DAC2754EF35C45A737C2222BA7 |
| Key | Value |
|---|---|
| FileName | ./usr/share/doc/prelude-lml/README |
| FileSize | 1728 |
| MD5 | 05E12D515E6B5F984C8B880E9A9D5009 |
| SHA-1 | E187FDE5A267DC18E07A31E90A4738422A14958F |
| SHA-256 | 64826052D54C20F3E93CCE7E6BDC00D2BCBE96D6E850C1955C5D06EEE6BB9FEF |
| SSDEEP | 24:yAwdzTaLVNECo7w5QlXlunfy1XICIrYKZQaIJkt8MswCHJfVKcDwaq+ygXA:kwECo7Hlua1XtKZQ3kt8DXJfVsP |
| TLSH | T16A3116FFA2687270734525C87216E4F7CB6375AFA26025B1BCDC84D5632A39C4132B85 |
| Key | Value |
|---|---|
| FileName | ./usr/share/doc/prelude-lml/README.Debian |
| FileSize | 517 |
| MD5 | 1298A4E7F1407B397C009E970A0EA593 |
| SHA-1 | 487955E33B167AA2C765B8B1BC951E55608DC0BA |
| SHA-256 | 2FC3B69E22C20B480C2AA5B833AD58E4BB3096BF6AC1D2EEA10F0327426B581B |
| SSDEEP | 12:nkcoBHPyNmY/m5LaR9dEB+EsRFkcvhY1V2kK0huKIcKe/m9:QNKmY/m5LudEB+EsbhCfK0huKIcKeu9 |
| TLSH | T1F9F09EE66DCD788511F0DBEAF022C090D65BFC5E50407131700CE1EE410234C05CE210 |
| Key | Value |
|---|---|
| FileName | ./usr/share/doc/prelude-lml/copyright |
| FileSize | 7030 |
| MD5 | 8DE6A615D73A76DB35FEE2F6085170CE |
| SHA-1 | 31910119AC548E9E3D41CE57E1C3371F81345249 |
| SHA-256 | 9B4549C7CBBFF27FCD1CB9AC49C7AA195DDD6AF0C63A96E4B386D638AAF28A13 |
| SSDEEP | 192:x/PEqLOrXc3vlRH3o13hy5pWo/z4zqeFs:xnEqars3vvXqhUWo/z4zqeFs |
| TLSH | T19CE1A64E1940C7BB19C01BA0394F94DAE31757EE767EC490105E938E9E0BB3A27F24D8 |
| Key | Value |
|---|---|
| FileName | ./usr/lib/tmpfiles.d/prelude-lml.conf |
| FileSize | 34 |
| MD5 | 9AA765C0FBD435BC86E8A9D53018E6BB |
| SHA-1 | E09E2FA82BD7D652E6770F0A6923AEFB5CCA817E |
| SHA-256 | 225A587D7BDE0445A26EAF9D1B049B32C4B88CB75D73EDDB6EA932FB00C24999 |
| SSDEEP | 3:kQe4VjC3HJ:kQldC3J |
| TLSH |
| Key | Value |
|---|---|
| FileName | ./usr/share/doc/prelude-lml/AUTHORS |
| FileSize | 117 |
| MD5 | CDEE48F5CC0004C4F0C2F1A8F885E09F |
| SHA-1 | ED9670154CCA42933907B27FE954F4EF0CB35DBA |
| SHA-256 | 920630E1CCFF2B2263679C90F7EAC63CFA325BF2111708BC97C63A603A37D37C |
| SSDEEP | 3:L2UorMXR9j9Vf0S4ie82Zm1pz0tYMKn:L2UorMB59J4r82g+YMKn |
| TLSH | T13CB012ED22B431BB3F02951C2265C8F35A613DEBC2B386E3BE70F4C256720125414348 |
| Key | Value |
|---|---|
| FileName | ./usr/lib/x86_64-linux-gnu/prelude-lml/pcre.so |
| FileSize | 39408 |
| MD5 | A9EC32970539C2CDEC0274176A38E37D |
| SHA-1 | 07F119E14300D5E5367A2A0DC77F0DC518185D6E |
| SHA-256 | 1F1B307EE87F21C7935196952722BE980B086EF42F60767B0A7AECB73BDCFD95 |
| SSDEEP | 768:lcE/GiAccAwYJxZBpR5hJxZBpR5hcEsU8kM0cEsU8kM0cEsU8kM0cEsU8kM0/HPw:lcE/GiAcG8dA6om51apMhmh |
| TLSH | T1B703E71FF1614CBDC8D4A0B1CEABD5625630B018A131192F7F8083BE2DE66355BBBE25 |
| Key | Value |
|---|---|
| FileName | ./usr/share/doc/prelude-lml/changelog.Debian.gz |
| FileSize | 1862 |
| MD5 | CE75F1B8147233B58462C53AE46BBB2E |
| SHA-1 | E1F41DD05AF0AAC307133F75A47570437D8C7192 |
| SHA-256 | 00F9A0997F13F55289E453579600327C1E3CE722239A725ED8C46287B684871E |
| SSDEEP | 48:XG1RVj5ILCnglAK17M3ZqRqs/smOiqXvLemOU:21RVN1Q3dsmOiqDe4 |
| TLSH | T14E3119585E2D7B3AB626B415129FF9EDBF9110820363106AC1FAA87753EA96D230C4C9 |
| Key | Value |
|---|---|
| FileName | ./lib/systemd/system/prelude-lml.service |
| FileSize | 152 |
| MD5 | 8C583644419BCD84F97511F76D10284A |
| SHA-1 | 9E329CC69398403460EDDA0CDA307153F7980D0A |
| SHA-256 | B1833CB9E3EAE96398A4645ED706256053E9BA15B6EE81F4ABED3BFC2200DD66 |
| SSDEEP | 3:zMZa7+rUSXABlRVGmDMzdK+aQ9sHSdS5czTLESkQmWA1+DRvn:z8tU6wlzGmDMzdK+aG858ILQmWA4Rv |
| TLSH | T1C3C08C29F48064A0980A2AABCE724BA85A504508AF8DF82436A124291AC0656A4348A9 |
| Key | Value |
|---|---|
| FileName | ./usr/share/doc/prelude-lml/NEWS.gz |
| FileSize | 10620 |
| MD5 | 4574EDD2231473F61D95DD86FDDE3CC2 |
| SHA-1 | 056DE68504EE495D02D26BDD8CA70FF016744A26 |
| SHA-256 | 0ED1086141FD4FDB5855FD029D7FC17780B228CF991090A7115DC52C5C40836E |
| SSDEEP | 192:ITqldEAFXgog7VJqN6GRJ30wHhFtnBCWXMj32K3O29t3TfSPw:0AFXt4VWGwBkjP3hP |
| TLSH | T1AD22BF62A34381A8F2DE54B9634936821D4CEFA9E41DB73FF5411A83E334950EE8B34D |
| Key | Value |
|---|---|
| FileName | ./etc/prelude-lml/prelude-lml.conf |
| FileSize | 6917 |
| MD5 | 4B210089C022CDA5FEEA7F84D448EF59 |
| SHA-1 | 2A4275053E100658A3AABDC4B42FAFFCCCFBEE6D |
| SHA-256 | 1034D4064DA3BA5574B02FA1EAB815AA3CFC27C653A477AB40D3BAB0E06D469F |
| SSDEEP | 192:mKqkehijEnNUiXyB0Xus6vzGUgp4MlO25e:mkSPUsWkOP |
| TLSH | T133E17466D24D373B13CB03A150AEE1DD9B3D904D6E73341262DD98683201E7892FBBE5 |