Prelude-LML is a signature based log analyzer monitoring your logfile and received syslog messages for suspicious activity. It handle events generated by a large set of components, including but not limited to: APC Emu, BigIP, Cisco PIX, Clamav, Dell-OM, Grsecurity, Honeyd, ipchains, Netfilter, ipfw, Nokia ipso, Apache ModSecurity, Ms-SQL, Nagios, Norton Antivirus Corporate Edition, NTsyslog, Pam, Portsentry, Postfix, Proftpd, ssh, etc.
Prelude-LML was written in order to easily integrate third party product, most particularly product that can't be modified directly to use the Prelude library.
Author: Yoann Vandoorselaere <yoann [at] prelude-ids [dot] org>
Author: The prelude-IDS Project <http://www [dot] prelude-ids [dot] org>
Maintainer: The T2 Project <t2 [at] t2-project [dot] org>
Build time (on reference hardware): 35% (relative to binutils)2
Installed size (on reference hardware): 0.64 MB, 81 files
Dependencies (build time detected): 00-dirtree binutils coreutils diffutils findutils gawk gnutls grep icu4c libgcrypt libgpg-error libprelude libtasn1 libtool linux-header m4 make net-tools pcre pkgconfig sed sysfiles tar zlib
Installed files (on reference hardware):
1) This page was automatically generated from the T2 package source. Corrections, such as dead links, URL changes or typos need to be performed directly on that source.
2) Compatible with Linux From Scratch's "Standard Build Unit" (SBU).