prelude-lml: Prelude Sensor for analyzing logs and collecting Syslog events1

Package available in: [trunk] [8.0] [7.0] [6.0] [2.1]

Prelude-LML is a signature based log analyzer monitoring your logfile and received syslog messages for suspicious activity. It handle events generated by a large set of components, including but not limited to: APC Emu, BigIP, Cisco PIX, Clamav, Dell-OM, Grsecurity, Honeyd, ipchains, Netfilter, ipfw, Nokia ipso, Apache ModSecurity, Ms-SQL, Nagios, Norton Antivirus Corporate Edition, NTsyslog, Pam, Portsentry, Postfix, Proftpd, ssh, etc.

Prelude-LML was written in order to easily integrate third party product, most particularly product that can't be modified directly to use the Prelude library.

... part of T2, get it here


Author: Yoann Vandoorselaere <yoann [at] prelude-ids [dot] org>
Author: The prelude-IDS Project <http://www [dot] prelude-ids [dot] org>
Maintainer: The T2 Project <t2 [at] t2-project [dot] org>

License: OpenSource
Status: Stable
Version: 1.0.0

Download: prelude-lml-1.0.0.tar.gz

T2 source: prelude-lml.cache
T2 source: prelude-lml.conf
T2 source: prelude-lml.desc
T2 source: prelude-lml.init

Build time (on reference hardware): 35% (relative to binutils)2

Installed size (on reference hardware): 0.64 MB, 81 files

Dependencies (build time detected): 00-dirtree binutils coreutils diffutils findutils gawk gnutls grep icu4c libgcrypt libgpg-error libprelude libtasn1 libtool linux-header m4 make net-tools pcre pkgconfig sed sysfiles tar zlib

Installed files (on reference hardware): [show]

1) This page was automatically generated from the T2 package source. Corrections, such as dead links, URL changes or typos need to be performed directly on that source.

2) Compatible with Linux From Scratch's "Standard Build Unit" (SBU).