prelude-lml: Prelude Sensor for analyzing logs and collecting Syslog events 1

Package available in: [trunk] [8.0] [7.0] [6.0] [2.1]

Prelude-LML is a signature based log analyzer monitoring your logfile and received syslog messages for suspicious activity. It handle events generated by a large set of components, including but not limited to: APC Emu, BigIP, Cisco PIX, Clamav, Dell-OM, Grsecurity, Honeyd, ipchains, Netfilter, ipfw, Nokia ipso, Apache ModSecurity, Ms-SQL, Nagios, Norton Antivirus Corporate Edition, NTsyslog, Pam, Portsentry, Postfix, Proftpd, ssh, etc.

Prelude-LML was written in order to easily integrate third party product, most particularly product that can't be modified directly to use the Prelude library.

... part of T2, get it here


Author: Yoann Vandoorselaere <yoann [at] prelude-ids [dot] org>
Author: The prelude-IDS Project <http://www [dot] prelude-ids [dot] org>
Maintainer: Christian Wiese <jeru [at] ixplanet [dot] org>

License: OpenSource
Status: Stable
Version: 0.9.1

Download: prelude-lml-0.9.1.tar.gz

T2 source: prelude-lml.cache
T2 source: prelude-lml.conf
T2 source: prelude-lml.desc
T2 source: prelude-lml.init

Build time (on reference hardware): 4852% (relative to binutils)2

Installed size (on reference hardware): 0.55 MB, 77 files

Dependencies (build time detected): bash binutils bzip2 ccache coreutils diffutils fam file findutils flex gawk gcc glibc gnutls grep libgcrypt libgpg-error libprelude libtasn1 linux-header m4 make mktemp net-tools pcre sed sysfiles tar util-linux zlib

Installed files (on reference hardware): n.a.

1) This page was automatically generated from the T2 package source. Corrections, such as dead links, URL changes or typos need to be performed directly on that source.

2) Compatible with Linux From Scratch's "Standard Build Unit" (SBU).