| Key | Value |
|---|---|
| FileName | ./etc/prelude-lml/plugins.rules |
| FileSize | 836 |
| MD5 | 446480A94DE7E09917ACD9C48361234B |
| SHA-1 | CCC52AC2BE9F8DCFFA54115CD8F46FC7995DC8D5 |
| SHA-256 | 6E009A53AD344BD1563EA2A2B79A8D3F53886948567979355EA3FCCD2C3F6BF9 |
| SSDEEP | 24:SslZ+0CJBxd1ayS3EPSR0LSjTWdEkoF7lS5EPgLRSaAgm:S++0CJBX1ayS3yS+LSncEnS5ygLqgm |
| TLSH | T172014C1F878D253101E584E23099E1D9462AD2D9ABF0E091F7DE855C6B3497E51A9D40 |
| tar:gname | bin |
| tar:uname | root |
| hashlookup:parent-total | 156 |
| hashlookup:trust | 100 |
The searched file hash is included in 156 parent files which include package known and seen by metalookup. A sample is included below:
| Key | Value |
|---|---|
| MD5 | 83370381B9A6418A65D634F6FE277CEA |
| PackageArch | s390 |
| PackageDescription | Prelude-LML is a log analyser that allows Prelude to collect and analyze information from all kind of applications emitting logs or syslog messages in order to detect suspicious activities and transform them into Prelude-IDMEF alerts. Prelude-LML handles events generated by a large set of applications, |
| PackageMaintainer | Fedora Project |
| PackageName | prelude-lml |
| PackageRelease | 10.fc19 |
| PackageVersion | 1.0.0 |
| SHA-1 | 00C52685FDB1A48951430E5E814E65D85E2AA0C0 |
| SHA-256 | 2AE1B0472F1FEEBF11F1DFBF6B592FCA5166701D8F5198E086C517271BB17501 |
| Key | Value |
|---|---|
| FileSize | 233536 |
| MD5 | BD1AE5FE3C88D5286A9777AE0DD4FE76 |
| PackageDescription | Security Information Management System [ Log Agent ] Prelude is a Universal "Security Information Management" (SIM) system. Its goals are performance and modularity. It is divided in two main parts : - the Prelude sensors, responsible for generating alerts, such as snort sensor, featuring a signature engine, plugins for protocol analysis, and intrusion detection plugins, and the Prelude log monitoring lackey. - the Prelude report server, collecting data from Prelude sensors, and generating user-readable reports. . Prelude-LML is a signature based log analyzer monitoring logfile and received syslog messages for suspicious activity. It handle events generated by a large set of components, including but not limited to: Apache, BigIP, Grsecurity, Honeyd, ipchains, Netfilter, ipfw, Nagios, NTsyslog, NuFW, PAM, Portsentry, Postfix, Proftpd, ssh, etc. |
| PackageMaintainer | Pierre Chifflier <pollux@debian.org> |
| PackageName | prelude-lml |
| PackageSection | admin |
| PackageVersion | 1.0.0-5.3 |
| SHA-1 | 02980F19C2A3168079E78080E03E840B5AE512C5 |
| SHA-256 | C3EAAEFCA44BE88E9FB41A04414E71423F6FFAE2F07C18D781D16CFA354DF589 |
| Key | Value |
|---|---|
| FileSize | 217512 |
| MD5 | A3393FF6381DC565D0C1F9431F4DAB02 |
| PackageDescription | Security Information and Events Management System [ Log Agent ] The Prelude Log Monitoring Lackey (LML) is the host-based sensor program part of the Prelude SIEM suite. It can act as a centralized log collector for local or remote systems, or as a simple log analyzer (such as swatch). It can run as a network server listening on a syslog port or analyze log files. It supports logfiles in the BSD syslog format and is able to analyze any logfile by using the PCRE library. It can apply logfile-specific analysis through plugins such as PAX. It can send an alert to the Prelude Manager when a suspicious log entry is detected. |
| PackageMaintainer | Pierre Chifflier <pollux@debian.org> |
| PackageName | prelude-lml |
| PackageSection | admin |
| PackageVersion | 5.2.0-2 |
| SHA-1 | 0406879ECE460A014E65D5636F3E5DEE49901FFA |
| SHA-256 | 9AFDAC9CBC36959ADD2F7DA663B319C2B28FC66EE7BED8155138ECDBA8645B4E |
| Key | Value |
|---|---|
| FileSize | 235652 |
| MD5 | 1897290586C1B3F7E1F64DCB71FB4C5F |
| PackageDescription | Security Information Management System [ Log Agent ] Prelude is a Universal "Security Information Management" (SIM) system. Its goals are performance and modularity. It is divided in two main parts : - the Prelude sensors, responsible for generating alerts, such as snort sensor, featuring a signature engine, plugins for protocol analysis, and intrusion detection plugins, and the Prelude log monitoring lackey. - the Prelude report server, collecting data from Prelude sensors, and generating user-readable reports. . Prelude-LML is a signature based log analyzer monitoring logfile and received syslog messages for suspicious activity. It handle events generated by a large set of components, including but not limited to: Apache, BigIP, Grsecurity, Honeyd, ipchains, Netfilter, ipfw, Nagios, NTsyslog, NuFW, PAM, Portsentry, Postfix, Proftpd, ssh, etc. |
| PackageMaintainer | Pierre Chifflier <pollux@debian.org> |
| PackageName | prelude-lml |
| PackageSection | admin |
| PackageVersion | 1.0.0-5.3+b4 |
| SHA-1 | 070A91F4BD8F6568BC23752A1A651FC917E060A7 |
| SHA-256 | DE5FCE204B978D8CB2E57FD2B05E162C1F6AF9481C48BBF291CC2E324D5918BE |
| Key | Value |
|---|---|
| MD5 | 723166817B0F37FF937009D3CFBC4994 |
| PackageArch | ppc |
| PackageDescription | Prelude-LML is a log analyser that allows Prelude to collect and analyze information from all kind of applications emitting logs or syslog messages in order to detect suspicious activities and transform them into Prelude-IDMEF alerts. Prelude-LML handles events generated by a large set of applications, |
| PackageMaintainer | Koji |
| PackageName | prelude-lml |
| PackageRelease | 4.fc15 |
| PackageVersion | 1.0.0 |
| SHA-1 | 0A128C32A6610B73E4A0D55681EC4BA7B97DC12E |
| SHA-256 | A105610776B95454BC395D3965B5E5A48DD5BD706CA0CEF9D357796F831DE4C9 |
| Key | Value |
|---|---|
| FileName | https://ftp.lysator.liu.se/pub/OpenBSD//4.4//packages//powerpc//prelude-lml-0.9.10.tgz |
| MD5 | 74F84CA3BAB1453955AE0320D7CF54CD |
| SHA-1 | 0B7E36C6420A9A6BC4FF9A6C06774849FD0383D0 |
| SHA-256 | 4404815092FFF7557330B8FF715D9EEC8F05AEE7F07B146DB1D00E88B20E79F6 |
| SSDEEP | 3072:zLGZivuE5XnxLt2LP/shlkp1uILWqiDMEf53lONy7NnfYQG:nkimO9tocA+zDrR3IGNnfXG |
| TLSH | T19FD3126A3499E1905DCAC38EEC93DC281DC04FFB17095FA996432E969F133E6449235B |
| Key | Value |
|---|---|
| FileSize | 131990 |
| MD5 | 091ABBD2B4FDF7331F96EFF207CEA445 |
| PackageDescription | Security Information Management System [ Log Agent ] Prelude is a Universal "Security Information Management" (SIM) system. Its goals are performance and modularity. It is divided in two main parts : - the Prelude sensors, responsible for generating alerts, such as snort sensor, featuring a signature engine, plugins for protocol analysis, and intrusion detection plugins, and the Prelude log monitoring lackey. - the Prelude report server, collecting data from Prelude sensors, and generating user-readable reports. . Prelude-LML is a signature based log analyzer monitoring logfile and received syslog messages for suspicious activity. It handle events generated by a large set of components, including but not limited to: Apache, BigIP, Grsecurity, Honeyd, ipchains, Netfilter, ipfw, Nagios, NTsyslog, NuFW, PAM, Portsentry, Postfix, Proftpd, ssh, etc. |
| PackageMaintainer | Ubuntu Developers <ubuntu-devel-discuss@lists.ubuntu.com> |
| PackageName | prelude-lml |
| PackageSection | admin |
| PackageVersion | 1.0.0-5build1 |
| SHA-1 | 0C95E178EAF9F850E778DBC2722EDDD5231062CF |
| SHA-256 | CF96A52610A17997A46E87F851C34429A64395F994ACAA402B94DE51DC425F30 |
| Key | Value |
|---|---|
| MD5 | 38FE2B065C23547C294AEEE8337EFA67 |
| PackageArch | x86_64 |
| PackageDescription | Prelude-LML is a log analyser that allows Prelude to collect and analyze information from all kind of applications emitting logs or syslog messages in order to detect suspicious activities and transform them into Prelude-IDMEF alerts. Prelude-LML handles events generated by a large set of applications |
| PackageMaintainer | https://bugs.opensuse.org |
| PackageName | prelude-lml |
| PackageRelease | lp150.1.7 |
| PackageVersion | 4.0.0 |
| SHA-1 | 0CBB4870B731C9E99E4F0E9A27F34A6800D182F1 |
| SHA-256 | 43344FC9C730D80CDD0B7628D54CC762121E0C0DE1E44CDE9D36D7805A8453A3 |
| Key | Value |
|---|---|
| MD5 | ADB7EC94887D2F21F1E4B9BB04FA59EA |
| PackageArch | s390x |
| PackageDescription | Prelude-LML is a log analyser that allows Prelude to collect and analyze information from all kind of applications emitting logs or syslog messages in order to detect suspicious activities and transform them into Prelude-IDMEF alerts. Prelude-LML handles events generated by a large set of applications, |
| PackageMaintainer | Fedora Project |
| PackageName | prelude-lml |
| PackageRelease | 4.fc15 |
| PackageVersion | 1.0.0 |
| SHA-1 | 0CD1D632D8C9FF937C9863CF50C0F5EF10FBC887 |
| SHA-256 | 606B8D80FFC40277D5C0CCCCB80C98F9615032487713DD2506855CEF3A75B8FA |
| Key | Value |
|---|---|
| FileSize | 213408 |
| MD5 | 2452E0C04C1CCE71ED41C787506E48F1 |
| PackageDescription | Security Information and Events Management System [ Log Agent ] The Prelude Log Monitoring Lackey (LML) is the host-based sensor program part of the Prelude SIEM suite. It can act as a centralized log collector for local or remote systems, or as a simple log analyzer (such as swatch). It can run as a network server listening on a syslog port or analyze log files. It supports logfiles in the BSD syslog format and is able to analyze any logfile by using the PCRE library. It can apply logfile-specific analysis through plugins such as PAX. It can send an alert to the Prelude Manager when a suspicious log entry is detected. |
| PackageMaintainer | Pierre Chifflier <pollux@debian.org> |
| PackageName | prelude-lml |
| PackageSection | admin |
| PackageVersion | 4.1.0-2 |
| SHA-1 | 104CA582AEE75274E483167EEC0B31EB1062A7B8 |
| SHA-256 | E33FAAE2DF4B1D01A129C58E6466F67F67DAEF2050DF1383894909312D7090AE |