| Key | Value |
|---|---|
| MD5 | 7C2F1F89026C4883DD267427DB4038BD |
| PackageArch | armv7hl |
| PackageDescription | The Prelude Log Monitoring Lackey (LML) is the host-based sensor program part of the Prelude SIEM suite. It can act as a centralized log collector for local or remote systems, or as a simple log analyzer (such as swatch). It can run as a network server listening on a syslog port or analyze log files. It supports logfiles in the BSD syslog format and is able to analyze any logfile by using the PCRE library. It can apply logfile-specific analysis through plugins such as PAX. It can send an alert to the Prelude Manager when a suspicious log entry is detected. |
| PackageMaintainer | daviddavid <daviddavid> |
| PackageName | prelude-lml |
| PackageRelease | 1.mga7 |
| PackageVersion | 5.0.0 |
| SHA-1 | AAE6F30F4F32F4EA91FE81246DF717292171FE8E |
| SHA-256 | 9CD111560BC01E791DE26FEBFD4ABAA3A738921492016B98F7058C970B6E4309 |
| hashlookup:children-total | 15 |
| hashlookup:trust | 50 |
The searched file hash includes 15 children files known and seen by metalookup. A sample is included below:
| Key | Value |
|---|---|
| FileName | ./usr/share/doc/prelude-lml/HACKING.README |
| FileSize | 756 |
| MD5 | 1475976CC703D5CACF83483486774A0B |
| SHA-1 | 2FCBA98BFEAFCEA21E12CAD85F979583F9B51DA0 |
| SHA-256 | 1DB2E6985C825EB5742271954E017E2F8DDEE0A11A022EDDA6F9A00C19F7846C |
| SSDEEP | 12:hBe+oVOrqLRh1y4AvoInFbyE0MevyCmFQMl9Kr1yAHkxbpfgtthcAkU5tDWg2:XywrqLvw49IxM5yCmFjqNHkxNEeAvW |
| TLSH | T19D01D01EF26C62A4198105E17682E3F2660F41DACB324432E257D4C533BBA7E853F5DD |
| Key | Value |
|---|---|
| FileName | ./etc/rc.d/init.d/prelude-lml |
| FileSize | 1356 |
| MD5 | F37EBF9D3EFA954629F54C42F758B519 |
| SHA-1 | F1E5A2D6E6BDA5458F3D3723EA0BCD10AB7C41E8 |
| SHA-256 | 317DF5AAA76C2B228B7141F74781454BBD3D42138A2589DCF6520CEBA85741AF |
| SSDEEP | 24:F/Cvr+MbWqswPIuJ6yMb/MbPNqRIJq/EHOx20Tv7GPrJuZ94WDjK:FqDUNwwE66N+MHOhTCOTjK |
| TLSH | T1A32111F73034B9318D2F0A98C49DE7F92D31A10F81A3FCFAA03A66D1108919A85B8875 |
| Key | Value |
|---|---|
| FileName | ./usr/lib/prelude-lml/debug.so |
| FileSize | 5384 |
| MD5 | FF0B1E6F059F65B6576C161EB14BFF89 |
| SHA-1 | 115A84D61119FFD4C7FA53D07E61DE0ABA358C91 |
| SHA-256 | C6B288CE80E566E66F077E889D2750A50923198989CECD4640777865A230FDEB |
| SSDEEP | 96:F1zfBWBcO9r4sGXV/2UPLeZFYrhiIGgoCtnx3:vzf8NbGXVVPLEKiIGaz |
| TLSH | T15DB162D562A28F77C080127883B75AD02222E2D066E76B53D66041643EAE77CDDB3C5E |
| Key | Value |
|---|---|
| FileName | ./usr/share/doc/prelude-lml-devel/NEWS |
| FileSize | 30309 |
| MD5 | 7D5ECF052B8638DE70DC950C41B09C0D |
| SHA-1 | 00D27A15EF1D6F8D99211F1D108435109D92A896 |
| SHA-256 | 65D1B57796816279136CB702699E3AA93C580448F4D018391063800055C2844B |
| SSDEEP | 384:WPK/o951i9ipVVMebv4r9zOXIgMRbEmY/ZzzA+g6ha5FTjTzl+xcJYUDD7a4EW:WS/e6ipVBy9CXI5FEmazzA+gMg9Kqau |
| TLSH | T16AD2F9A3B66832271A521DBAE1CA82D2EF7C746FD353B5A435CD45883F01470D2F6A98 |
| Key | Value |
|---|---|
| FileName | ./etc/prelude-lml/plugins.rules |
| FileSize | 836 |
| MD5 | 446480A94DE7E09917ACD9C48361234B |
| SHA-1 | CCC52AC2BE9F8DCFFA54115CD8F46FC7995DC8D5 |
| SHA-256 | 6E009A53AD344BD1563EA2A2B79A8D3F53886948567979355EA3FCCD2C3F6BF9 |
| SSDEEP | 24:SslZ+0CJBxd1ayS3EPSR0LSjTWdEkoF7lS5EPgLRSaAgm:S++0CJBX1ayS3yS+LSncEnS5ygLqgm |
| TLSH | T172014C1F878D253101E584E23099E1D9462AD2D9ABF0E091F7DE855C6B3497E51A9D40 |
| tar:gname | bin |
| tar:uname | root |
| Key | Value |
|---|---|
| FileName | ./etc/prelude-lml/prelude-lml.conf |
| FileSize | 6976 |
| MD5 | F5183E2F0F05CC917DECDC23F1954FC8 |
| SHA-1 | AD3DE09C3934AB13B43FF7EA82F10826BCA92B4D |
| SHA-256 | 700BD25142068064FD3B9417CC5928C0CDBD21A9E96F822E8AA7ABE5E4297DCA |
| SSDEEP | 192:mKqkehijEnNUiMyB0Xus6vzGogpcNadlO25e:mkSkUsWiOP |
| TLSH | T182E17466D24D3A3B13CF07A150AEE1DDDB3D904D6E63241262DD98683201E7892FBBE5 |
| Key | Value |
|---|---|
| FileName | ./usr/share/doc/prelude-lml/README |
| FileSize | 1728 |
| MD5 | 05E12D515E6B5F984C8B880E9A9D5009 |
| SHA-1 | E187FDE5A267DC18E07A31E90A4738422A14958F |
| SHA-256 | 64826052D54C20F3E93CCE7E6BDC00D2BCBE96D6E850C1955C5D06EEE6BB9FEF |
| SSDEEP | 24:yAwdzTaLVNECo7w5QlXlunfy1XICIrYKZQaIJkt8MswCHJfVKcDwaq+ygXA:kwECo7Hlua1XtKZQ3kt8DXJfVsP |
| TLSH | T16A3116FFA2687270734525C87216E4F7CB6375AFA26025B1BCDC84D5632A39C4132B85 |
| Key | Value |
|---|---|
| CRC32 | 4E46F4A1 |
| FileName | ./usr/share/cmake/Templates/fedora/gpl-2.0.txt |
| FileSize | 18092 |
| KnownMalicious | malshare.com |
| MD5 | B234EE4D69F5FCE4486A80FDAF4A4263 |
| OpSystemCode | 362 |
| ProductCode | 15109 |
| RDS:package_id | 313212 |
| SHA-1 | 4CC77B90AF91E615A64AE04893FDFFA7939DB84C |
| SHA-256 | 8177F97513213526DF2CF6184D8FF986C675AFB514D4E68A404010521B880643 |
| SHA-512 | AEE80B1F9F7F4A8A00DCF6E6CE6C41988DCAEDC4DE19D9D04460CBFB05D99829FFE8F9D038468EABBFBA4D65B38E8DBEF5ECF5EB8A1B891D9839CDA6C48EE957 |
| SSDEEP | 384:ghUwi5rpL676yV12rPd34ZomzM2FR+dWF7jUI:gmFWixMFzMdm7jUI |
| SpecialCode | |
| TLSH | T13A82A42E770443F205C202A16A4F68DFA32AD5B9723E1155386DC15E236FE35C3BFA99 |
| db | nsrl_legacy |
| insert-timestamp | 1728991626.679368 |
| mimetype | text/plain |
| nsrl-sha256 | rds241-sha256.zip |
| source | snap:MmD5jWldYNMNgb2rFFht3FNKGJx1FLLV_613 |
| tar:gname | root |
| tar:uname | root |
| Key | Value |
|---|---|
| FileName | ./usr/sbin/prelude-lml |
| FileSize | 107160 |
| MD5 | E3E23CA44FF6F4D2CA6DE9EA0C87FCAC |
| SHA-1 | 8F78FEBD543FA2DC5C7A1F615C557CC6A3A26C07 |
| SHA-256 | 1CA05D28D474A3DDCCA4AD94E52217FD7074E4EA94F42A5FE3D70714187DCA61 |
| SSDEEP | 1536:LOEb0ALilkuLZB5lvCAtWlH8YtUzfRlOJZzk2lv/5jQVxk:LO40ALEd1x/WLtI6JRk2x5Y |
| TLSH | T19DA30AD7F8428FFBC6C00FBD775B8765331657E8C2C6A742D808417469896AF4B3AA42 |
| Key | Value |
|---|---|
| FileName | ./usr/lib/.build-id/f6/26592f65c719541dad587990993c382e698b90 |
| FileSize | 40 |
| MD5 | 58499137AF55413F1A790DF1276475BE |
| SHA-1 | F8A28EE6FC70F1DCF6281DC75C135E4437D25341 |
| SHA-256 | D384406137AF099CE08DE644E5C71F51BC6011AE0C5F0B2706F94E0ADCAF0177 |
| SSDEEP | 3:gCD/43BEN:X/cEN |
| TLSH |
| Key | Value |
|---|---|
| FileName | ./usr/share/doc/prelude-lml/AUTHORS |
| FileSize | 117 |
| MD5 | CDEE48F5CC0004C4F0C2F1A8F885E09F |
| SHA-1 | ED9670154CCA42933907B27FE954F4EF0CB35DBA |
| SHA-256 | 920630E1CCFF2B2263679C90F7EAC63CFA325BF2111708BC97C63A603A37D37C |
| SSDEEP | 3:L2UorMXR9j9Vf0S4ie82Zm1pz0tYMKn:L2UorMB59J4r82g+YMKn |
| TLSH | T13CB012ED22B431BB3F02951C2265C8F35A613DEBC2B386E3BE70F4C256720125414348 |
| Key | Value |
|---|---|
| FileName | ./usr/lib/.build-id/42/11fcc96abda84a0084958a012692ab7b290626 |
| FileSize | 39 |
| MD5 | 6F87625166C749D56E7DE47B4540D9CC |
| SHA-1 | 1B8FB5D8F908ADA66F834EAF2300867BED10D070 |
| SHA-256 | 177A01BD24FE3F54F653D5C1345A4FF32C40BD456E7A6B7E414B37051AB1B1E8 |
| SSDEEP | 3:gCD/43VwKn:X/IwK |
| TLSH |
| Key | Value |
|---|---|
| FileName | ./usr/share/doc/prelude-lml-devel/ChangeLog |
| FileSize | 762188 |
| MD5 | 11B623694538049464D2AE5877DF5259 |
| SHA-1 | 60B3A3096F97B93F6BDEB494C1E1D86DCF2826F6 |
| SHA-256 | 32820094E3BCB8B1FE92BDC76A652CE6F72992434FAA92A43D5193B275DB0D12 |
| SSDEEP | 6144:G9tZYmUQdDwhi0dps2aj5UnQX7fJUDSdLnD76H/1TslUWBIpzB+KgQg:G9tZYmUQdDwFMbVUU7fJUDenD7QCBI9g |
| TLSH | T196F44FD79E3A25132175E3B385A06092FE4BF2DF6325A4B8397DB1C4DF0971412BEA09 |
| Key | Value |
|---|---|
| FileName | ./usr/lib/.build-id/63/02b6bfc25846d647ba4dec993ff3f4dd83ed58 |
| FileSize | 32 |
| MD5 | 5E93B0CD1DA9245551389EFF574F33AD |
| SHA-1 | AD0C142622AB684C99FF78FF69DF971427E5E5BF |
| SHA-256 | 38BEDF3DAE95EA1618C2076D21DAA4468A8F3E85C5C777CC68A612ADED4C6F78 |
| SSDEEP | 3:gCD2MI:X2R |
| TLSH |
| Key | Value |
|---|---|
| FileName | ./usr/lib/prelude-lml/pcre.so |
| FileSize | 26340 |
| MD5 | 97C54E48CD477256EEB0D7CF3BAFB378 |
| SHA-1 | A5C2FF362689095B8103ACB9BC2516C4891987D2 |
| SHA-256 | 7F19B30A679DE6856FAB644D955C6F460F5DE9761BE953783C0A1316A379A54D |
| SSDEEP | 768:QNMca/jaAcDVcd2+kTeQPoirg9jZlRfpVB9AjAL:WMca/jaAcSrQvrg9jzRRVB9AjA |
| TLSH | T195C2B6DB70518AA7C1C016B5B75E871C73A743FA81C97706D804C2612FCF9BD8D3AA5A |