Prelude LML 0.9.7 review
Prelude-LML is a signature-based log analyzer that monitors your log file and received syslog messages for suspicious activity.
It handles events generated by a large set of components, including but not limited to: APC Emu, BigIP, Cisco PIX, Clamav, Dell-OM, Grsecurity, Honeyd, ipchains, Netfilter, ipfw, Nokia ipso, Apache ModSecurity, Ms-SQL, Nagios, Norton Antivirus Corporate Edition, NTsyslog, Pam, Portsentry, Postfix, Proftpd, SSH, and others.
What's New in This Release:
Reading from standard input was fixed.
An OpenBSD getaddrinfo() problem was fixed.
Cisco-CSS and Cisco-Router IDS module support was added.
Checkpoint ruleset is supported again.
The "fork failure" grsecurity warning is supported, and the "terminal being sniffed" match was fixed.
The NTsyslog ruleset was audited.
The WAP11 ruleset was fixed.