Prelude-LML is a signature based log analyzer monitoring your logfile and received syslog messages for suspicious activity. It handle events generated by a large set of components, including but not limited to: APC Emu, BigIP, Cisco PIX, Clamav, Dell-OM, Grsecurity, Honeyd, ipchains, Netfilter, ipfw, Nokia ipso, Apache ModSecurity, Ms-SQL, Nagios, Norton Antivirus Corporate Edition, NTsyslog, Pam, Portsentry, Postfix, Proftpd, ssh, etc.
Prelude-LML was written in order to easily integrate third party product, most particularly product that can't be modified directly to use the Prelude library.
Author: Yoann Vandoorselaere <yoann [at] prelude-ids [dot] org>
Author: The prelude-IDS Project <http://www [dot] prelude-ids [dot] org>
Maintainer: The T2 Project <t2 [at] t2-project [dot] org>
Build time (on reference hardware): 20% (relative to binutils)2
Installed size (on reference hardware): 0.55 MB, 77 files
Dependencies (build time detected): bash binutils bzip2 coreutils diffutils fam file findutils flex gawk gcc glibc gnutls grep libgcrypt libgpg-error libprelude libtasn1 linux-header m4 make mktemp net-tools pcre sed sysfiles tar util-linux zlib
Installed files (on reference hardware): n.a.
1) This page was automatically generated from the T2 package source. Corrections, such as dead links, URL changes or typos need to be performed directly on that source.
2) Compatible with Linux From Scratch's "Standard Build Unit" (SBU).