diff options
author | shannonjr <shannonjr> | 2006-01-31 10:46:31 +0000 |
---|---|---|
committer | shannonjr <shannonjr> | 2006-01-31 10:46:31 +0000 |
commit | 4e1f21b776edb855f6831410d26b51a50a7772dc (patch) | |
tree | 5796b42bc6674b3edd588071fca25f528ea45576 /security/prelude-lml/Makefile | |
parent | 8bd44ba2793b7c8475e302dc7a5958fd69b04a78 (diff) | |
download | pkgsrc-4e1f21b776edb855f6831410d26b51a50a7772dc.tar.gz |
Update to 0.9.2. Changes:
- Get rid of the 1024 characters per line limitation (defined as per
the syslog RFC), since LML is not limited to parsing input from syslog
anymore.
- Handle events in Clamav logging format as well as syslog.
- Abstracted Squid chain regex to allow parsing of data directly
from Squid log files.
- Introduced support for openhostapd.
- Began expanding rulesets with additional_data and vendor-specific
classification data.
- Various ruleset updates and bug fixes.
Prelude-LML is a signature based log analyzer monitoring logfile and
received syslog messages for suspicious activity. It handle events
generated by a large set of components, including but not limited to:
BigIP, Grsecurity, Honeyd, ipchains, Netfilter, ipfw, Nokia ipso,
Nagios, Norton Antivirus Corporate Edition, NTsyslog, PAM, Portsentry,
Postfix, Proftpd, ssh, etc.
Diffstat (limited to 'security/prelude-lml/Makefile')
-rw-r--r-- | security/prelude-lml/Makefile | 6 |
1 files changed, 4 insertions, 2 deletions
diff --git a/security/prelude-lml/Makefile b/security/prelude-lml/Makefile index 2a9f5b17cbf..44d30f437eb 100644 --- a/security/prelude-lml/Makefile +++ b/security/prelude-lml/Makefile @@ -1,7 +1,7 @@ -# $NetBSD: Makefile,v 1.1.1.1 2006/01/29 15:56:42 shannonjr Exp $ +# $NetBSD: Makefile,v 1.2 2006/01/31 10:46:31 shannonjr Exp $ # -DISTNAME= prelude-lml-0.9.1 +DISTNAME= prelude-lml-0.9.2 CATEGORIES= security MASTER_SITES= http://www.prelude-ids.org/download/releases/ @@ -25,11 +25,13 @@ CONFIGURE_ARGS+= --localstatedir=${VARBASE:Q} RCD_SCRIPTS= preludelml PRELUDE_USER?= _prelude PRELUDE_GROUP?= _prelude +PRELUDE_LML_PID_DIR= ${VARBASE:Q}/run/prelude-lml PRELUDE_HOME= ${VARBASE:Q}/prelude-lml PKG_USERS= ${PRELUDE_USER}:${PRELUDE_GROUP}::Prelude\ IDS:${PRELUDE_HOME}:${NOLOGIN} PKG_GROUPS= ${PRELUDE_GROUP} FILES_SUBST+= PRELUDE_LML_PID_DIR=${PRELUDE_LML_PID_DIR:Q} FILES_SUBST+= PRELUDE_USER=${PRELUDE_USER:Q} +FILES_SUBST+= PRELUDE_GROUP=${PRELUDE_GROUP:Q} SUBST_CLASSES+= code SUBST_STAGE.code= post-patch |