| Key | Value |
|---|---|
| MD5 | BB39421671CED613279870AA56D61D2F |
| PackageArch | x86_64 |
| PackageDescription | The Prelude Log Monitoring Lackey (LML) is the host-based sensor program part of the Prelude SIEM suite. It can act as a centralized log collector for local or remote systems, or as a simple log analyzer (such as swatch). It can run as a network server listening on a syslog port or analyze log files. It supports logfiles in the BSD syslog format and is able to analyze any logfile by using the PCRE library. It can apply logfile-specific analysis through plugins such as PAX. It can send an alert to the Prelude Manager when a suspicious log entry is detected. |
| PackageMaintainer | daviddavid <daviddavid> |
| PackageName | prelude-lml |
| PackageRelease | 1.mga7 |
| PackageVersion | 5.0.0 |
| SHA-1 | FD985AF1A283FED462467FE06F8A83B05D7BD10E |
| SHA-256 | E10C2630A13D02BF870B558224F92E2973DDD8C8CB8704FD1E0142FFDFF2DD38 |
| hashlookup:children-total | 15 |
| hashlookup:trust | 50 |
The searched file hash includes 15 children files known and seen by metalookup. A sample is included below:
| Key | Value |
|---|---|
| FileName | ./usr/share/doc/prelude-lml/HACKING.README |
| FileSize | 756 |
| MD5 | 1475976CC703D5CACF83483486774A0B |
| SHA-1 | 2FCBA98BFEAFCEA21E12CAD85F979583F9B51DA0 |
| SHA-256 | 1DB2E6985C825EB5742271954E017E2F8DDEE0A11A022EDDA6F9A00C19F7846C |
| SSDEEP | 12:hBe+oVOrqLRh1y4AvoInFbyE0MevyCmFQMl9Kr1yAHkxbpfgtthcAkU5tDWg2:XywrqLvw49IxM5yCmFjqNHkxNEeAvW |
| TLSH | T19D01D01EF26C62A4198105E17682E3F2660F41DACB324432E257D4C533BBA7E853F5DD |
| Key | Value |
|---|---|
| FileName | ./usr/lib/.build-id/73/008682bbfd6717f853ba56336beb17af7dcfeb |
| FileSize | 42 |
| MD5 | 83A09CC9E1318FF663FAEC349DE2E924 |
| SHA-1 | 399C3DD3056EBF404749B476C5E081C9A83DB1B0 |
| SHA-256 | A1B883781E6908127CA0C76C01EDAACF7B37590C88EFE0D023C4E638F7059C29 |
| SSDEEP | 3:gCD/i3BEN:X/eEN |
| TLSH |
| Key | Value |
|---|---|
| FileName | ./etc/rc.d/init.d/prelude-lml |
| FileSize | 1356 |
| MD5 | F37EBF9D3EFA954629F54C42F758B519 |
| SHA-1 | F1E5A2D6E6BDA5458F3D3723EA0BCD10AB7C41E8 |
| SHA-256 | 317DF5AAA76C2B228B7141F74781454BBD3D42138A2589DCF6520CEBA85741AF |
| SSDEEP | 24:F/Cvr+MbWqswPIuJ6yMb/MbPNqRIJq/EHOx20Tv7GPrJuZ94WDjK:FqDUNwwE66N+MHOhTCOTjK |
| TLSH | T1A32111F73034B9318D2F0A98C49DE7F92D31A10F81A3FCFAA03A66D1108919A85B8875 |
| Key | Value |
|---|---|
| FileName | ./usr/share/doc/prelude-lml-devel/NEWS |
| FileSize | 30309 |
| MD5 | 7D5ECF052B8638DE70DC950C41B09C0D |
| SHA-1 | 00D27A15EF1D6F8D99211F1D108435109D92A896 |
| SHA-256 | 65D1B57796816279136CB702699E3AA93C580448F4D018391063800055C2844B |
| SSDEEP | 384:WPK/o951i9ipVVMebv4r9zOXIgMRbEmY/ZzzA+g6ha5FTjTzl+xcJYUDD7a4EW:WS/e6ipVBy9CXI5FEmazzA+gMg9Kqau |
| TLSH | T16AD2F9A3B66832271A521DBAE1CA82D2EF7C746FD353B5A435CD45883F01470D2F6A98 |
| Key | Value |
|---|---|
| FileName | ./usr/lib64/prelude-lml/debug.so |
| FileSize | 14424 |
| MD5 | B062B5EE28D188BC0EAFA4BD66172CB9 |
| SHA-1 | 531E0DBD5F1D3FCCE025595FACBD4ED402C2051F |
| SHA-256 | 8586D8890579A4D3FEC6BDF00EEA964425347440CF7C57DDA4613893F31DFA48 |
| SSDEEP | 96:RmQhna0JBWBcO9rmGuNazoz41dQBGGi/jxSCBngactLK6VdnM2ak:R3J8ZkNazh1djVTgx2cdnM |
| TLSH | T1E852D81F7374CA7FC6AC42B080A742B0327AB954A762871B7F2466341D12798DF239DE |
| Key | Value |
|---|---|
| FileName | ./etc/prelude-lml/plugins.rules |
| FileSize | 836 |
| MD5 | 446480A94DE7E09917ACD9C48361234B |
| SHA-1 | CCC52AC2BE9F8DCFFA54115CD8F46FC7995DC8D5 |
| SHA-256 | 6E009A53AD344BD1563EA2A2B79A8D3F53886948567979355EA3FCCD2C3F6BF9 |
| SSDEEP | 24:SslZ+0CJBxd1ayS3EPSR0LSjTWdEkoF7lS5EPgLRSaAgm:S++0CJBX1ayS3yS+LSncEnS5ygLqgm |
| TLSH | T172014C1F878D253101E584E23099E1D9462AD2D9ABF0E091F7DE855C6B3497E51A9D40 |
| tar:gname | bin |
| tar:uname | root |
| Key | Value |
|---|---|
| FileName | ./usr/lib64/prelude-lml/pcre.so |
| FileSize | 39984 |
| MD5 | 0351C96F5D78007D97BF781AD1430F3B |
| SHA-1 | 5CF3D84CEE98CE45DB717322F156F49C73DB9EC2 |
| SHA-256 | 3561A9DA6CE9BF2B39A98EDDC4CF19C5D951A61F832E13A7F5B05B416AC9764F |
| SSDEEP | 768:0ca/ZAcVsN4OBDCvSk/lmhgrYSKbQB7fRYcy:0ca/ZAc+NFelNczbQppYcy |
| TLSH | T1EE034C4BB0E54ABCC5D08974CA679931AA743016E310AD3FB94493782E42F34DE2FE36 |
| Key | Value |
|---|---|
| FileName | ./etc/prelude-lml/prelude-lml.conf |
| FileSize | 6976 |
| MD5 | F5183E2F0F05CC917DECDC23F1954FC8 |
| SHA-1 | AD3DE09C3934AB13B43FF7EA82F10826BCA92B4D |
| SHA-256 | 700BD25142068064FD3B9417CC5928C0CDBD21A9E96F822E8AA7ABE5E4297DCA |
| SSDEEP | 192:mKqkehijEnNUiMyB0Xus6vzGogpcNadlO25e:mkSkUsWiOP |
| TLSH | T182E17466D24D3A3B13CF07A150AEE1DDDB3D904D6E63241262DD98683201E7892FBBE5 |
| Key | Value |
|---|---|
| FileName | ./usr/share/doc/prelude-lml/README |
| FileSize | 1728 |
| MD5 | 05E12D515E6B5F984C8B880E9A9D5009 |
| SHA-1 | E187FDE5A267DC18E07A31E90A4738422A14958F |
| SHA-256 | 64826052D54C20F3E93CCE7E6BDC00D2BCBE96D6E850C1955C5D06EEE6BB9FEF |
| SSDEEP | 24:yAwdzTaLVNECo7w5QlXlunfy1XICIrYKZQaIJkt8MswCHJfVKcDwaq+ygXA:kwECo7Hlua1XtKZQ3kt8DXJfVsP |
| TLSH | T16A3116FFA2687270734525C87216E4F7CB6375AFA26025B1BCDC84D5632A39C4132B85 |
| Key | Value |
|---|---|
| FileName | ./usr/share/doc/prelude-lml/AUTHORS |
| FileSize | 117 |
| MD5 | CDEE48F5CC0004C4F0C2F1A8F885E09F |
| SHA-1 | ED9670154CCA42933907B27FE954F4EF0CB35DBA |
| SHA-256 | 920630E1CCFF2B2263679C90F7EAC63CFA325BF2111708BC97C63A603A37D37C |
| SSDEEP | 3:L2UorMXR9j9Vf0S4ie82Zm1pz0tYMKn:L2UorMB59J4r82g+YMKn |
| TLSH | T13CB012ED22B431BB3F02951C2265C8F35A613DEBC2B386E3BE70F4C256720125414348 |
| Key | Value |
|---|---|
| CRC32 | 4E46F4A1 |
| FileName | ./usr/share/cmake/Templates/fedora/gpl-2.0.txt |
| FileSize | 18092 |
| KnownMalicious | malshare.com |
| MD5 | B234EE4D69F5FCE4486A80FDAF4A4263 |
| OpSystemCode | 362 |
| ProductCode | 15109 |
| RDS:package_id | 313212 |
| SHA-1 | 4CC77B90AF91E615A64AE04893FDFFA7939DB84C |
| SHA-256 | 8177F97513213526DF2CF6184D8FF986C675AFB514D4E68A404010521B880643 |
| SHA-512 | AEE80B1F9F7F4A8A00DCF6E6CE6C41988DCAEDC4DE19D9D04460CBFB05D99829FFE8F9D038468EABBFBA4D65B38E8DBEF5ECF5EB8A1B891D9839CDA6C48EE957 |
| SSDEEP | 384:ghUwi5rpL676yV12rPd34ZomzM2FR+dWF7jUI:gmFWixMFzMdm7jUI |
| SpecialCode | |
| TLSH | T13A82A42E770443F205C202A16A4F68DFA32AD5B9723E1155386DC15E236FE35C3BFA99 |
| db | nsrl_legacy |
| insert-timestamp | 1728991626.679368 |
| mimetype | text/plain |
| nsrl-sha256 | rds241-sha256.zip |
| source | snap:MmD5jWldYNMNgb2rFFht3FNKGJx1FLLV_613 |
| tar:gname | root |
| tar:uname | root |
| Key | Value |
|---|---|
| FileName | ./usr/share/doc/prelude-lml-devel/ChangeLog |
| FileSize | 762188 |
| MD5 | 11B623694538049464D2AE5877DF5259 |
| SHA-1 | 60B3A3096F97B93F6BDEB494C1E1D86DCF2826F6 |
| SHA-256 | 32820094E3BCB8B1FE92BDC76A652CE6F72992434FAA92A43D5193B275DB0D12 |
| SSDEEP | 6144:G9tZYmUQdDwhi0dps2aj5UnQX7fJUDSdLnD76H/1TslUWBIpzB+KgQg:G9tZYmUQdDwFMbVUU7fJUDenD7QCBI9g |
| TLSH | T196F44FD79E3A25132175E3B385A06092FE4BF2DF6325A4B8397DB1C4DF0971412BEA09 |
| Key | Value |
|---|---|
| FileName | ./usr/lib/.build-id/63/02b6bfc25846d647ba4dec993ff3f4dd83ed58 |
| FileSize | 32 |
| MD5 | 5E93B0CD1DA9245551389EFF574F33AD |
| SHA-1 | AD0C142622AB684C99FF78FF69DF971427E5E5BF |
| SHA-256 | 38BEDF3DAE95EA1618C2076D21DAA4468A8F3E85C5C777CC68A612ADED4C6F78 |
| SSDEEP | 3:gCD2MI:X2R |
| TLSH |
| Key | Value |
|---|---|
| FileName | ./usr/lib/.build-id/85/756436b74653da9e36a9552b78efe60cc7b787 |
| FileSize | 41 |
| MD5 | 20CAD69C5CC986874FF1A1934FAC0645 |
| SHA-1 | 05B3907EC4C0AC1EF88F6CADD58D2BBE08E3CE6E |
| SHA-256 | 4D14A20139E1BC210FBDDE16BCA08EFCD629D767F6BCF0FD12D6A50EDDDDFD83 |
| SSDEEP | 3:gCD/i3VwKn:X/KwK |
| TLSH |
| Key | Value |
|---|---|
| FileName | ./usr/sbin/prelude-lml |
| FileSize | 132512 |
| MD5 | 4E38EF460472EB0342C3795330972F60 |
| SHA-1 | 4C61F347B40D9CBA9CCF26B6117F05FF04229C87 |
| SHA-256 | C295DE627C3B2FC8215C853FAEB0193449C9047B27EDBC9E5575255CE989AEAA |
| SSDEEP | 1536:WdsAXuJodR1NflYwlI8KrJnt7pw0x2KvOOFKN0RiLi8NodwkdU9zwI:KsAXuJoj1NNYKwz/x2WszTNovUNw |
| TLSH | T13DD34A0B72D58DFDC5C0C970C5AB82A16A72F424D622673B7942A7382E1AF185F6F731 |