| Key | Value |
|---|---|
| FileSize | 186384 |
| MD5 | 8C4AA34FE600E1B68DA009DE245F9F74 |
| PackageDescription | Security Information and Events Management System [ Correlator ] Prelude-Correlator allows conducting multi-stream correlations thanks to a powerful programming language for writing correlation rules. With any type of alert able to be correlated, event analysis becomes simpler, quicker and more incisive. This correlation alert then appears within the Prewikka interface and indicates the potential target information via the set of correlation rules. . The features currently include: * Rapid identification of important security events, enabling the analyst to assign task priorities * Alert correlation originally from heterogeneous sensors deployed on the whole infrastructure * Real-time analysis of events received by the Prelude Manager |
| PackageMaintainer | Pierre Chifflier <pollux@debian.org> |
| PackageName | prelude-correlator |
| PackageSection | admin |
| PackageVersion | 4.1.1-2 |
| SHA-1 | 76EA422B6F5DB5E9F15536BAC170ECF5C0299C2F |
| SHA-256 | A5103726EA03BC7A12D6FA5014E244A8F31A6F6932A78D601AD6583C33E4F844 |
| hashlookup:children-total | 42 |
| hashlookup:trust | 50 |
The searched file hash includes 42 children files known and seen by metalookup. A sample is included below:
| Key | Value |
|---|---|
| FileName | ./var/lib/prelude-correlator/prelude-correlator/spamhaus_drop.dat |
| FileSize | 22086 |
| MD5 | E460077A27327E1506741A6164A7491C |
| SHA-1 | 12F3358C94A43C9C187CACB8A74F6C2A6A030495 |
| SHA-256 | A4693337B797CDC104056FB98D6D53582DC2975D8C88DF0D50D588340FD3F573 |
| SSDEEP | 384:mRZrfiNHZYy/cyjjtSHEpCw08rvOx/ac8GWf+1IW9P5ReSZNNesl29ZqpzZ9skGr:mibYHicZzmE0 |
| TLSH | T1E1A249F2AFF519FFCCD0609BD22FC539A123A6C175E5B7125F4F2250B92A880762B518 |
| Key | Value |
|---|---|
| FileName | ./usr/lib/python3/dist-packages/preludecorrelator/context.py |
| FileSize | 12195 |
| MD5 | F6A3F1B0B4DA668C52F874F5EBFA47E9 |
| SHA-1 | 13F4974B7ACC31EC70D92E64B585FAF31666CF9B |
| SHA-256 | 2F6F8BB5CCC05DC980CD4B0665FD0E22EC9D6A749C3380328BF0E10E8DF1D9D5 |
| SSDEEP | 192:WwTgCRMBFAH5oHez/FQYrOa0IpdTa63Hyi1y9j:Ww8CREAv/FQ74Z89 |
| TLSH | T1954210BD19438912D3E389AE8997F783371AAD13550C9434B6FD52C4AFA052086F7EEC |
| Key | Value |
|---|---|
| FileName | ./usr/lib/python3/dist-packages/preludecorrelator/config.py |
| FileSize | 2768 |
| MD5 | 7437DD97129104FD22D55967773C323C |
| SHA-1 | 14CB08A733407B72E213EA7A675481403DCAC99E |
| SHA-256 | 32EB4D2291434CD8606E1203FA31B4EAD1EEFCB53692483876F688C4F7F3B21E |
| SSDEEP | 48:/pDg4yUjHTYsuu7Gq+dGSsh3hgKv2cUHhdozaCtop:/pEwTruu7GqeGSs/ASC |
| TLSH | T1E6515545242EA4AB8213965CD84BC19EEB297A87396E403135FCF3987F0C470E1F398D |
| Key | Value |
|---|---|
| FileName | ./usr/share/doc/prelude-correlator/README |
| FileSize | 1469 |
| MD5 | D43BB1AEDD4B132D74AF55A2333CC08B |
| SHA-1 | 1D813BC8C0AB93192F22EFC0C7462CC2C31993DF |
| SHA-256 | 904DA691F8AA23E21AEB10BE8B9654B3BB2579CFB96F4906FCCA0A91EB8F4BD8 |
| SSDEEP | 24:GCAjsweseF7FPA+nTF0fy1XICQrEKZQaIJkt8MswCHJfVKcDwaq+ygXK:GDjsweseFzFV1XrKZQ3kt8DXJfVsX |
| TLSH | T15331EBFFB734326060412288B256E8E5CB6371EEA39065B6B89C64D1732635CD636AC5 |
| Key | Value |
|---|---|
| FileName | ./usr/lib/python3/dist-packages/preludecorrelator/log.py |
| FileSize | 2903 |
| MD5 | 0AB6BF44745F2C4A6D108728BC50F6E8 |
| SHA-1 | 243CCDBBA03FCD1C934BB0A7E86B529651EB99B1 |
| SHA-256 | 436838D16E3F2666077D8D41500AEB0BE769BC95CF5DB098705B1F553EFC806A |
| SSDEEP | 48:/pDg4yUjHTYZAAuY+iYysQy7y7ryJILqFe3uyuwcn0/SDglLqYOeQd:/pEwTmAAnXYokYWI2suyNKXd |
| TLSH | T1D15156A9462B64669A4509C8A4DDE2DA7739BED7201CF0F43A9CB3C43F0883C49FB954 |
| Key | Value |
|---|---|
| FileName | ./etc/prelude-correlator/rules/python/WormPlugin.py |
| FileSize | 3068 |
| MD5 | 055856F3D0DAD1CF6207F034D560BE6C |
| SHA-1 | 326CA38CAEC873F12D1D7903DE469DE2302756E0 |
| SHA-256 | 16B8E7601DC45643E090D4DBE737AA9CD0DCA169F57550FE5000D4414674AC41 |
| SSDEEP | 48:tlDg4yUjHTY5xpt31ZQWXfjaXOF4Wgr4WKIc+/oZFOE0SVv8raOiULIV+:HEwT+xpt31ZQKhSJr7/N/Kv9O/Iw |
| TLSH | T16751BA5D1220DBB6668302A6208F71E67319C6E342175C2C796DC28CAFB2DB141739F8 |
| Key | Value |
|---|---|
| FileName | ./etc/prelude-correlator/rules/python/EventStormPlugin.py |
| FileSize | 1768 |
| MD5 | F7A20A2C5DC6B3B2BEB88A49B69EB604 |
| SHA-1 | 340B29A7DF88B3105F736C3DA6C6E348BCC59B86 |
| SHA-256 | 639BBF082925E9CE5C88F9B23D0FD2EE4EE759EC7F1B374A5ECFA562D1687125 |
| SSDEEP | 24:QsJ4lHK2ahJiyUVOkHxHqTbVloY5w7qDvKEss+wiMXFFN4XFFoTDNsIQ0fGMNGM9:tWHDg4yUjHTYyuKnwVF6FoTpsIz/ |
| TLSH | T17E31768D5471DA70590403F4214BA4DD73295AC366A9AC14B41CD98DFBD5EB582326EC |
| Key | Value |
|---|---|
| FileName | ./etc/prelude-correlator/rules/python/EventSweepPlugin.py |
| FileSize | 2338 |
| MD5 | 0DBB0169589FC3BB7744D526F00DE29E |
| SHA-1 | 35956594B1399433C9DC5536DB20EA3AB1E178C2 |
| SHA-256 | C1A945AC33A9676D0AF5CBFC73DA3A68BAF7B860AD2D6BAA7CA81A8CE0E115A3 |
| SSDEEP | 48:tWHDg4yUjHTYy7VY1ZN8HFoTJcPBKsP1ZGU53:UHEwT/7MZGocPnPjGe3 |
| TLSH | T1FE41C74E4520EDB0590502B4118BA1DD732959C3E52F5C1CBC2EC20EABE9E7686721EC |
| Key | Value |
|---|---|
| FileName | ./usr/lib/python3.6/site-packages/prelude_correlator-5.2.0-py3.6.egg-info/top_level.txt |
| FileSize | 18 |
| MD5 | 4C1B85996D2C81D75A00CC386398B8EE |
| SHA-1 | 3EFA2415EEFFD8DCBA452932496255FE9A3FC059 |
| SHA-256 | 4F208AF8428D6B4AEBF422E943DD796D09B5CFB8FBFA72B35CE1270419D1BD6F |
| SSDEEP | 3:iJHXQJfn:iJ3Qp |
| TLSH |
| Key | Value |
|---|---|
| FileName | ./etc/prelude-correlator/rules/python/BruteForcePlugin.py |
| FileSize | 3258 |
| MD5 | AF31A43972B6E01519287D84463F170B |
| SHA-1 | 4739D876747984106C05D2DDC9BAFF5401A1C78C |
| SHA-256 | AE17D8553B762BE5C8BAE4E7FF0241D255AFA7B705C5AF69FC5A76F32D7B9C8C |
| SSDEEP | 48:tWHDg4yUjHTYeAumhVFH7f0dytVfO8Atot3tONtjXSYAB8:UHEwTpA7/50dU14totdMjic |
| TLSH | T1D461871F4A385D65AB4203E1609B60ED762E6BD7459AAC2CB82DD14CFF98CB142734E8 |