| Key | Value |
|---|---|
| MD5 | A622128195D306C97A04E1B4BC7831F4 |
| PackageArch | i586 |
| PackageDescription | The Prelude Log Monitoring Lackey (LML) is the host-based sensor program part of the Prelude SIEM suite. It can act as a centralized log collector for local or remote systems, or as a simple log analyzer (such as swatch). It can run as a network server listening on a syslog port or analyze log files. It supports logfiles in the BSD syslog format and is able to analyze any logfile by using the PCRE library. It can apply logfile-specific analysis through plugins such as PAX. It can send an alert to the Prelude Manager when a suspicious log entry is detected. |
| PackageMaintainer | daviddavid <daviddavid> |
| PackageName | prelude-lml |
| PackageRelease | 1.mga7 |
| PackageVersion | 5.0.0 |
| SHA-1 | EA29C9847B9E1162AADDC99BD7D84FE3BF21F7B3 |
| SHA-256 | 42AF1BA6AB07F65C2163177543C2492A5523FB68CDBF3B2C165C1B72C1F7790E |
| hashlookup:children-total | 15 |
| hashlookup:trust | 50 |
The searched file hash includes 15 children files known and seen by metalookup. A sample is included below:
| Key | Value |
|---|---|
| FileName | ./usr/share/doc/prelude-lml/HACKING.README |
| FileSize | 756 |
| MD5 | 1475976CC703D5CACF83483486774A0B |
| SHA-1 | 2FCBA98BFEAFCEA21E12CAD85F979583F9B51DA0 |
| SHA-256 | 1DB2E6985C825EB5742271954E017E2F8DDEE0A11A022EDDA6F9A00C19F7846C |
| SSDEEP | 12:hBe+oVOrqLRh1y4AvoInFbyE0MevyCmFQMl9Kr1yAHkxbpfgtthcAkU5tDWg2:XywrqLvw49IxM5yCmFjqNHkxNEeAvW |
| TLSH | T19D01D01EF26C62A4198105E17682E3F2660F41DACB324432E257D4C533BBA7E853F5DD |
| Key | Value |
|---|---|
| FileName | ./usr/lib/prelude-lml/debug.so |
| FileSize | 13700 |
| MD5 | F423F0731A0C116EB2A768833F39E2F9 |
| SHA-1 | 2D0B93C6F65B48B6EFCEDF4B7D93CC351826343E |
| SHA-256 | 6BA0C72404853C098ED4B36399C7FAC5BF785E8A7CDD68273F286566023A06FB |
| SSDEEP | 96:+gY/2vBWBcO9rmTL5unX3Qa/c2ecJw+BaTBhTuSVpjKmv1fz85rKvk:M/G8ZktunX3Qgc2h2fuSLvt4 |
| TLSH | T12352B553BBA5C932E6C1573440674AE161329075C2B3CB73BF2832982D62364EF7363A |
| Key | Value |
|---|---|
| FileName | ./usr/lib/prelude-lml/pcre.so |
| FileSize | 38780 |
| MD5 | 3133ACDC00A29D582C4D854227792EF4 |
| SHA-1 | ABD1EB3D5C05871F1BA789A3087099E4B972565E |
| SHA-256 | BAA538247448E1A09590B67C8BBDAD48DC4570D8545A79FA1B2DF6315D4934B9 |
| SSDEEP | 768:JQDbca/wiAcHiwCfTRlHCcn3QmqcfDLZiPkI9d7l+LmxQcWwnpvZ:Ica/wiAcCwCtXngmTFykO9lBxQbG |
| TLSH | T1E203195BF786D4B0F69246F54B47C269E131810A9253F2B1FA08739EF4B13249E3A23D |
| Key | Value |
|---|---|
| FileName | ./etc/rc.d/init.d/prelude-lml |
| FileSize | 1356 |
| MD5 | F37EBF9D3EFA954629F54C42F758B519 |
| SHA-1 | F1E5A2D6E6BDA5458F3D3723EA0BCD10AB7C41E8 |
| SHA-256 | 317DF5AAA76C2B228B7141F74781454BBD3D42138A2589DCF6520CEBA85741AF |
| SSDEEP | 24:F/Cvr+MbWqswPIuJ6yMb/MbPNqRIJq/EHOx20Tv7GPrJuZ94WDjK:FqDUNwwE66N+MHOhTCOTjK |
| TLSH | T1A32111F73034B9318D2F0A98C49DE7F92D31A10F81A3FCFAA03A66D1108919A85B8875 |
| Key | Value |
|---|---|
| FileName | ./usr/share/doc/prelude-lml-devel/NEWS |
| FileSize | 30309 |
| MD5 | 7D5ECF052B8638DE70DC950C41B09C0D |
| SHA-1 | 00D27A15EF1D6F8D99211F1D108435109D92A896 |
| SHA-256 | 65D1B57796816279136CB702699E3AA93C580448F4D018391063800055C2844B |
| SSDEEP | 384:WPK/o951i9ipVVMebv4r9zOXIgMRbEmY/ZzzA+g6ha5FTjTzl+xcJYUDD7a4EW:WS/e6ipVBy9CXI5FEmazzA+gMg9Kqau |
| TLSH | T16AD2F9A3B66832271A521DBAE1CA82D2EF7C746FD353B5A435CD45883F01470D2F6A98 |
| Key | Value |
|---|---|
| FileName | ./etc/prelude-lml/plugins.rules |
| FileSize | 836 |
| MD5 | 446480A94DE7E09917ACD9C48361234B |
| SHA-1 | CCC52AC2BE9F8DCFFA54115CD8F46FC7995DC8D5 |
| SHA-256 | 6E009A53AD344BD1563EA2A2B79A8D3F53886948567979355EA3FCCD2C3F6BF9 |
| SSDEEP | 24:SslZ+0CJBxd1ayS3EPSR0LSjTWdEkoF7lS5EPgLRSaAgm:S++0CJBX1ayS3yS+LSncEnS5ygLqgm |
| TLSH | T172014C1F878D253101E584E23099E1D9462AD2D9ABF0E091F7DE855C6B3497E51A9D40 |
| tar:gname | bin |
| tar:uname | root |
| Key | Value |
|---|---|
| FileName | ./etc/prelude-lml/prelude-lml.conf |
| FileSize | 6976 |
| MD5 | F5183E2F0F05CC917DECDC23F1954FC8 |
| SHA-1 | AD3DE09C3934AB13B43FF7EA82F10826BCA92B4D |
| SHA-256 | 700BD25142068064FD3B9417CC5928C0CDBD21A9E96F822E8AA7ABE5E4297DCA |
| SSDEEP | 192:mKqkehijEnNUiMyB0Xus6vzGogpcNadlO25e:mkSkUsWiOP |
| TLSH | T182E17466D24D3A3B13CF07A150AEE1DDDB3D904D6E63241262DD98683201E7892FBBE5 |
| Key | Value |
|---|---|
| FileName | ./usr/share/doc/prelude-lml/README |
| FileSize | 1728 |
| MD5 | 05E12D515E6B5F984C8B880E9A9D5009 |
| SHA-1 | E187FDE5A267DC18E07A31E90A4738422A14958F |
| SHA-256 | 64826052D54C20F3E93CCE7E6BDC00D2BCBE96D6E850C1955C5D06EEE6BB9FEF |
| SSDEEP | 24:yAwdzTaLVNECo7w5QlXlunfy1XICIrYKZQaIJkt8MswCHJfVKcDwaq+ygXA:kwECo7Hlua1XtKZQ3kt8DXJfVsP |
| TLSH | T16A3116FFA2687270734525C87216E4F7CB6375AFA26025B1BCDC84D5632A39C4132B85 |
| Key | Value |
|---|---|
| CRC32 | 4E46F4A1 |
| FileName | ./usr/share/cmake/Templates/fedora/gpl-2.0.txt |
| FileSize | 18092 |
| KnownMalicious | malshare.com |
| MD5 | B234EE4D69F5FCE4486A80FDAF4A4263 |
| OpSystemCode | 362 |
| ProductCode | 15109 |
| RDS:package_id | 313212 |
| SHA-1 | 4CC77B90AF91E615A64AE04893FDFFA7939DB84C |
| SHA-256 | 8177F97513213526DF2CF6184D8FF986C675AFB514D4E68A404010521B880643 |
| SHA-512 | AEE80B1F9F7F4A8A00DCF6E6CE6C41988DCAEDC4DE19D9D04460CBFB05D99829FFE8F9D038468EABBFBA4D65B38E8DBEF5ECF5EB8A1B891D9839CDA6C48EE957 |
| SSDEEP | 384:ghUwi5rpL676yV12rPd34ZomzM2FR+dWF7jUI:gmFWixMFzMdm7jUI |
| SpecialCode | |
| TLSH | T13A82A42E770443F205C202A16A4F68DFA32AD5B9723E1155386DC15E236FE35C3BFA99 |
| db | nsrl_legacy |
| insert-timestamp | 1728991626.679368 |
| mimetype | text/plain |
| nsrl-sha256 | rds241-sha256.zip |
| source | snap:MmD5jWldYNMNgb2rFFht3FNKGJx1FLLV_613 |
| tar:gname | root |
| tar:uname | root |
| Key | Value |
|---|---|
| FileName | ./usr/lib/.build-id/f6/26592f65c719541dad587990993c382e698b90 |
| FileSize | 40 |
| MD5 | 58499137AF55413F1A790DF1276475BE |
| SHA-1 | F8A28EE6FC70F1DCF6281DC75C135E4437D25341 |
| SHA-256 | D384406137AF099CE08DE644E5C71F51BC6011AE0C5F0B2706F94E0ADCAF0177 |
| SSDEEP | 3:gCD/43BEN:X/cEN |
| TLSH |
| Key | Value |
|---|---|
| FileName | ./usr/sbin/prelude-lml |
| FileSize | 135944 |
| MD5 | F4D521CD39D5AEEAB98AD1AA2F0D665F |
| SHA-1 | 75E621A27345C3E1CA6DB1593745F7E1E87A2F56 |
| SHA-256 | B5DDAFEF8628053B3AB7131A162CC5E2FBA8326CD8CDCFEA1D944A0806FC1F92 |
| SSDEEP | 3072:fRAxM+xxXVbgRb4NJ71nlidmoo1PIaW1Lc+REjVw4oh957c:yMGngRbWp40oo1PIakc+Km4ohL7c |
| TLSH | T16ED3195DB29BC8F2E6E14AF4075B836166214009F0A3F6B2FE4D67B8347225D7F1B264 |
| Key | Value |
|---|---|
| FileName | ./usr/share/doc/prelude-lml/AUTHORS |
| FileSize | 117 |
| MD5 | CDEE48F5CC0004C4F0C2F1A8F885E09F |
| SHA-1 | ED9670154CCA42933907B27FE954F4EF0CB35DBA |
| SHA-256 | 920630E1CCFF2B2263679C90F7EAC63CFA325BF2111708BC97C63A603A37D37C |
| SSDEEP | 3:L2UorMXR9j9Vf0S4ie82Zm1pz0tYMKn:L2UorMB59J4r82g+YMKn |
| TLSH | T13CB012ED22B431BB3F02951C2265C8F35A613DEBC2B386E3BE70F4C256720125414348 |
| Key | Value |
|---|---|
| FileName | ./usr/lib/.build-id/42/11fcc96abda84a0084958a012692ab7b290626 |
| FileSize | 39 |
| MD5 | 6F87625166C749D56E7DE47B4540D9CC |
| SHA-1 | 1B8FB5D8F908ADA66F834EAF2300867BED10D070 |
| SHA-256 | 177A01BD24FE3F54F653D5C1345A4FF32C40BD456E7A6B7E414B37051AB1B1E8 |
| SSDEEP | 3:gCD/43VwKn:X/IwK |
| TLSH |
| Key | Value |
|---|---|
| FileName | ./usr/share/doc/prelude-lml-devel/ChangeLog |
| FileSize | 762188 |
| MD5 | 11B623694538049464D2AE5877DF5259 |
| SHA-1 | 60B3A3096F97B93F6BDEB494C1E1D86DCF2826F6 |
| SHA-256 | 32820094E3BCB8B1FE92BDC76A652CE6F72992434FAA92A43D5193B275DB0D12 |
| SSDEEP | 6144:G9tZYmUQdDwhi0dps2aj5UnQX7fJUDSdLnD76H/1TslUWBIpzB+KgQg:G9tZYmUQdDwFMbVUU7fJUDenD7QCBI9g |
| TLSH | T196F44FD79E3A25132175E3B385A06092FE4BF2DF6325A4B8397DB1C4DF0971412BEA09 |
| Key | Value |
|---|---|
| FileName | ./usr/lib/.build-id/63/02b6bfc25846d647ba4dec993ff3f4dd83ed58 |
| FileSize | 32 |
| MD5 | 5E93B0CD1DA9245551389EFF574F33AD |
| SHA-1 | AD0C142622AB684C99FF78FF69DF971427E5E5BF |
| SHA-256 | 38BEDF3DAE95EA1618C2076D21DAA4468A8F3E85C5C777CC68A612ADED4C6F78 |
| SSDEEP | 3:gCD2MI:X2R |
| TLSH |