| Key | Value |
|---|---|
| FileSize | 91540 |
| MD5 | AAAC6105988BB64E8D6AD4446596A689 |
| PackageDescription | Security Information and Events Management System [ Log Agent ] The Prelude Log Monitoring Lackey (LML) is the host-based sensor program part of the Prelude SIEM suite. It can act as a centralized log collector for local or remote systems, or as a simple log analyzer (such as swatch). It can run as a network server listening on a syslog port or analyze log files. It supports logfiles in the BSD syslog format and is able to analyze any logfile by using the PCRE library. It can apply logfile-specific analysis through plugins such as PAX. It can send an alert to the Prelude Manager when a suspicious log entry is detected. |
| PackageMaintainer | Ubuntu Developers <ubuntu-devel-discuss@lists.ubuntu.com> |
| PackageName | prelude-lml |
| PackageSection | admin |
| PackageVersion | 4.1.0-1 |
| SHA-1 | B529241C7BAFD7F22BD483D0294C7528A1AC7FFA |
| SHA-256 | 869105C031050B15147AF3A4D7445AA0EAB422C1828817AEE72663E4FD6B5DF7 |
| hashlookup:children-total | 15 |
| hashlookup:trust | 50 |
The searched file hash includes 15 children files known and seen by metalookup. A sample is included below:
| Key | Value |
|---|---|
| FileName | ./usr/share/doc/prelude-lml/HACKING.README |
| FileSize | 756 |
| MD5 | 1475976CC703D5CACF83483486774A0B |
| SHA-1 | 2FCBA98BFEAFCEA21E12CAD85F979583F9B51DA0 |
| SHA-256 | 1DB2E6985C825EB5742271954E017E2F8DDEE0A11A022EDDA6F9A00C19F7846C |
| SSDEEP | 12:hBe+oVOrqLRh1y4AvoInFbyE0MevyCmFQMl9Kr1yAHkxbpfgtthcAkU5tDWg2:XywrqLvw49IxM5yCmFjqNHkxNEeAvW |
| TLSH | T19D01D01EF26C62A4198105E17682E3F2660F41DACB324432E257D4C533BBA7E853F5DD |
| Key | Value |
|---|---|
| FileName | ./usr/share/doc/prelude-lml/copyright |
| FileSize | 7030 |
| MD5 | 1CBEF425C9C3FA5C7ADC119185A99A53 |
| SHA-1 | 50CCBF06F6C0F142785409FB58D1E05F9CB09037 |
| SHA-256 | 2298353684BA3A7062161C6E2D1EC4BE3C86396B91B307F5CC1487D34C0970BD |
| SSDEEP | 192:xZPRDLOrXc3vlRH3o13hy5pWo/z4zqeFs:xNRDars3vvXqhUWo/z4zqeFs |
| TLSH | T108E1854E1940C7BB19C01BA0394E95DEE31757EE767EC490105E939EAE0BB3A17F24E4 |
| Key | Value |
|---|---|
| FileName | ./usr/lib/i386-linux-gnu/prelude-lml/pcre.so |
| FileSize | 34232 |
| MD5 | B29FA3CB9BC4B0A8EED351412A52886A |
| SHA-1 | 0FB08C1AF96AB155EC2AEDB9CF408FD646CD298A |
| SHA-256 | DE374DAD29D98C4CF24703A35F4B71E71E6BD7777E1A31D59CC9064C218EDB15 |
| SSDEEP | 768:NKtca/w7HXAfTRlHCc2DQlSkrjycEslCrdWO2aSTch870/3JGFKnJ8eXCiO:ctca/w7HXAtXoGbwrdHhwkM8vX |
| TLSH | T1DCE2195BB383C9B1F6E302F50A478739E1705106825BF2B1FB08B39CB476615AD2627E |
| Key | Value |
|---|---|
| FileName | ./usr/share/doc/prelude-lml/changelog.Debian.gz |
| FileSize | 1896 |
| MD5 | 490D36119ABC3FD1C3C1A47D19D5E19C |
| SHA-1 | BBDD384BFD87409C471C48FF9F260BAFA85768A9 |
| SHA-256 | 8270C0917F10A8C9CF2CBD5F40008B35D31E6EC5D51751491C8BA9CA00C43BF2 |
| SSDEEP | 48:Xv3I1QtCVkd/BhRi+2hQiqstmWp3Pd4Ti+93MRoXk:/38GCWBBhkxhQiPtTNPd4+s8WXk |
| TLSH | T18A41F9B8194DDBBBF4726CF3344ACF4A48C5396A23C153A7551B5449767832C9AAC20B |
| Key | Value |
|---|---|
| FileName | ./usr/share/doc/prelude-lml/NEWS.gz |
| FileSize | 10478 |
| MD5 | EFAF39469CB3400D56119F3E6A35BFD8 |
| SHA-1 | DA5C31C02251737555F62D52A4F09C0102260E7F |
| SHA-256 | 6569C1AD394366DF39B30B346765AD2EC277AB6B535D79E58484B47E5DE19142 |
| SSDEEP | 192:r5U94ADo0NivLrdgxSU0ChhCSGTmoG/ew+qSD72kE7Ag8wzsx1GxEE:r+4ADq6YU0k4Sd/K7vE7Ag8uEE |
| TLSH | T15422BFEBE28E4FA07964F8725234BA94F149D729D25B58485CC1187BE8F58AF0EC0273 |
| Key | Value |
|---|---|
| FileName | ./etc/prelude-lml/plugins.rules |
| FileSize | 836 |
| MD5 | 446480A94DE7E09917ACD9C48361234B |
| SHA-1 | CCC52AC2BE9F8DCFFA54115CD8F46FC7995DC8D5 |
| SHA-256 | 6E009A53AD344BD1563EA2A2B79A8D3F53886948567979355EA3FCCD2C3F6BF9 |
| SSDEEP | 24:SslZ+0CJBxd1ayS3EPSR0LSjTWdEkoF7lS5EPgLRSaAgm:S++0CJBX1ayS3yS+LSncEnS5ygLqgm |
| TLSH | T172014C1F878D253101E584E23099E1D9462AD2D9ABF0E091F7DE855C6B3497E51A9D40 |
| tar:gname | bin |
| tar:uname | root |
| Key | Value |
|---|---|
| FileName | ./lib/systemd/system/prelude-lml.service |
| FileSize | 137 |
| MD5 | C483A1E55BD2CD3A6284F89DA0C76175 |
| SHA-1 | 18B73FBBD3FB3E1B454CF78C0475C2F32E571A38 |
| SHA-256 | 5AEDFF566A762B6EF41920EF846B2E96B9341DD4268143EB823901B5BC81B8E0 |
| SSDEEP | 3:zMZa7+rUSXABlRVGmDMzdK+aQ9sHSv2rSkQmWA1+DRvn:z8tU6wlzGmDMzdK+aGcLQmWA4Rv |
| TLSH | T16FC02B15F44070B1980B2EABCE3243A849104608EF8CF8203AE1142D06C0646A4300BD |
| Key | Value |
|---|---|
| FileName | ./usr/bin/prelude-lml |
| FileSize | 148952 |
| MD5 | 818FD0111CE2B50A8D073166480B73B8 |
| SHA-1 | D1A346F4D405AC71B7AC359FF0E33A2E1BC2D77A |
| SHA-256 | C3877A75804A3368D55A7396BEB496344823DCCB6FC777D67B4B9BDE903854C5 |
| SSDEEP | 3072:g51WpylxpL/Pkjd9tY9xaXVhxQvpb+zZqnqsLys:e1gC3Ujd9tMaLxQvpbU8qsf |
| TLSH | T1ACE33A49B797D8F0E2E205F9061B83B259204509E263F6A2FF4DB7AC783631D6E12375 |
| Key | Value |
|---|---|
| FileName | ./usr/lib/i386-linux-gnu/prelude-lml/debug.so |
| FileSize | 9468 |
| MD5 | E80BFBD4635D82C35DD1360ADDE04946 |
| SHA-1 | 5F5BFBCB66ED4EE73232B0F51588B698ED796BB5 |
| SHA-256 | 524443FCA75637E929C0554EF66721BC74080805011896491381D916EEDF55B4 |
| SSDEEP | 192:w9X8lpndJVX3Qgc28XoVMsq6nVFCnbLLy2:w4BggBVMsqaCnbLL |
| TLSH | T1AA12964779A2CA33D3C5027C815B467A55369554C3E3C2A3FA2C739C1922258EF63739 |
| Key | Value |
|---|---|
| FileName | ./usr/include/prelude-lml/prelude-lml.h |
| FileSize | 2439 |
| MD5 | 9A72521F2588924E6A03B1DF1B06E871 |
| SHA-1 | CC634DDA111D1365B631E1871E3C033309CB4764 |
| SHA-256 | DB0633C74EFB1F5703926B8FE6D8A4BD8EE06FD06F6D04DF4364E7A226486CF5 |
| SSDEEP | 48:9amdpey3HTyiDNxUbta6zr4yno6SuYUSui7WoPoFnojTTnOB05s:9TBD0XZ/Z |
| TLSH | T13441A9D0983EC7A63DB20BF120D652C3600962ED7A65DAC2754EF35C446737C1222BA3 |
| Key | Value |
|---|---|
| FileName | ./usr/share/doc/prelude-lml/README.Debian |
| FileSize | 517 |
| MD5 | 1298A4E7F1407B397C009E970A0EA593 |
| SHA-1 | 487955E33B167AA2C765B8B1BC951E55608DC0BA |
| SHA-256 | 2FC3B69E22C20B480C2AA5B833AD58E4BB3096BF6AC1D2EEA10F0327426B581B |
| SSDEEP | 12:nkcoBHPyNmY/m5LaR9dEB+EsRFkcvhY1V2kK0huKIcKe/m9:QNKmY/m5LudEB+EsbhCfK0huKIcKeu9 |
| TLSH | T1F9F09EE66DCD788511F0DBEAF022C090D65BFC5E50407131700CE1EE410234C05CE210 |
| Key | Value |
|---|---|
| FileName | ./usr/share/doc/prelude-lml/README |
| FileSize | 1728 |
| MD5 | 05E12D515E6B5F984C8B880E9A9D5009 |
| SHA-1 | E187FDE5A267DC18E07A31E90A4738422A14958F |
| SHA-256 | 64826052D54C20F3E93CCE7E6BDC00D2BCBE96D6E850C1955C5D06EEE6BB9FEF |
| SSDEEP | 24:yAwdzTaLVNECo7w5QlXlunfy1XICIrYKZQaIJkt8MswCHJfVKcDwaq+ygXA:kwECo7Hlua1XtKZQ3kt8DXJfVsP |
| TLSH | T16A3116FFA2687270734525C87216E4F7CB6375AFA26025B1BCDC84D5632A39C4132B85 |
| Key | Value |
|---|---|
| FileName | ./usr/lib/tmpfiles.d/prelude-lml.conf |
| FileSize | 34 |
| MD5 | 9AA765C0FBD435BC86E8A9D53018E6BB |
| SHA-1 | E09E2FA82BD7D652E6770F0A6923AEFB5CCA817E |
| SHA-256 | 225A587D7BDE0445A26EAF9D1B049B32C4B88CB75D73EDDB6EA932FB00C24999 |
| SSDEEP | 3:kQe4VjC3HJ:kQldC3J |
| TLSH |
| Key | Value |
|---|---|
| FileName | ./usr/share/doc/prelude-lml/AUTHORS |
| FileSize | 117 |
| MD5 | CDEE48F5CC0004C4F0C2F1A8F885E09F |
| SHA-1 | ED9670154CCA42933907B27FE954F4EF0CB35DBA |
| SHA-256 | 920630E1CCFF2B2263679C90F7EAC63CFA325BF2111708BC97C63A603A37D37C |
| SSDEEP | 3:L2UorMXR9j9Vf0S4ie82Zm1pz0tYMKn:L2UorMB59J4r82g+YMKn |
| TLSH | T13CB012ED22B431BB3F02951C2265C8F35A613DEBC2B386E3BE70F4C256720125414348 |
| Key | Value |
|---|---|
| FileName | ./etc/prelude-lml/prelude-lml.conf |
| FileSize | 6917 |
| MD5 | 4B210089C022CDA5FEEA7F84D448EF59 |
| SHA-1 | 2A4275053E100658A3AABDC4B42FAFFCCCFBEE6D |
| SHA-256 | 1034D4064DA3BA5574B02FA1EAB815AA3CFC27C653A477AB40D3BAB0E06D469F |
| SSDEEP | 192:mKqkehijEnNUiXyB0Xus6vzGUgp4MlO25e:mkSPUsWkOP |
| TLSH | T133E17466D24D373B13CB03A150AEE1DD9B3D904D6E73341262DD98683201E7892FBBE5 |