prelude-lml
Security Information Management System [ Log Agent ]
Install
- All systems
  curl cmd.cat/prelude-lml.sh
- Debian
  apt-get install prelude-lml
- Ubuntu
  apt-get install prelude-lml
- Kali Linux
  apt-get install prelude-lml
- Fedora
  dnf install prelude-lml
- Windows (WSL2)
  sudo apt-get update
  sudo apt-get install prelude-lml
- Raspbian
  apt-get install prelude-lml
- Dockerfile
  dockerfile.run/prelude-lml
Prelude is a universal "Security Information Management" (SIM) system. Its goals are performance and modularity. It is divided into two main parts:
- the Prelude sensors, responsible for generating alerts, such as the snort sensor (featuring a signature engine, plugins for protocol analysis and intrusion detection plugins) and the Prelude log monitoring lackey;
- the Prelude report server, collecting data from Prelude sensors and generating user-readable reports.

Prelude-LML is a signature-based log analyzer that monitors log files and received syslog messages for suspicious activity. It handles events generated by a large set of components, including but not limited to: Apache, BigIP, Grsecurity, Honeyd, ipchains, Netfilter, ipfw, Nagios, NTsyslog, NuFW, PAM, Portsentry, Postfix, Proftpd, ssh, etc.