Bug#959150: [Pkg-clamav-devel] Bug#959150: Add support for Prelude
On 2021-03-06 11:44:35 [+0100], Thomas Andrejak wrote: > Hello Sebastian, Hi, > The new libprelude is in debian testing as you can see here : > https://tracker.debian.org/pkg/libprelude > > Is it possible to re-work on this issue ? So yes I am still alive but somehow didn't deal with this, sorry. I intend to look at it post Bullseye. My only concern was the licensing issue and libprelude is LGPLv2 or did something change here? > Thanks > > Regards > > Thomas Sebastian
Bug#959150: [Pkg-clamav-devel] Bug#959150: Add support for Prelude
Hello How can I help you to go forward on this ? Enabling prelude support should be easy Regards Thomas Le jeu. 30 avr. 2020 à 09:09, Thomas Andrejak a écrit : > Hello > > Thanks for your reply. > > The performance you pointed out is about the database inserts, not the > libprelude used by ClamAV. So, for an security tool, there is no > performance issue. For a Prelude end user, if he gets too many alerts per > seconds, there are mechanisms to filter this and do not fall into > performance issues. > > For your information, Suricata already enable prelude support in it's > packages and there is no issue. > > Regards > > On Wed, 29 Apr 2020 23:31:34 + Scott Kitterman > wrote: > > According to the prelude web site: > > > > Prelude OSS is the open source edition of Prelude SIEM . Prelude OSS is > aimed for evaluation, research and test purpose on very small environments. > Please note that Prelude OSS performances are way lower than the Prelude > SIEM edition. > > > > > What testing have you done to determine the performance implications of > the proposed change? > > > > Scott K > > > > On April 29, 2020 11:15:43 PM UTC, Thomas Andrejak < > thomas.andre...@gmail.com> wrote: > > >Package: clamav > > > > > >Version: 0.102.2 > > > > > >Please enable Prelude support: > > > > > >* d/control: Add libprelude-dev Build-Depends > > > > > >* d/rule: Add --enable-prelude to the ./configure > > > > > >Thanks > > > > > >Regards > > > > > >Thomas > > > > >
Bug#959150: [Pkg-clamav-devel] Bug#959150: Add support for Prelude
Hello Thanks for your reply. The performance you pointed out is about the database inserts, not the libprelude used by ClamAV. So, for an security tool, there is no performance issue. For a Prelude end user, if he gets too many alerts per seconds, there are mechanisms to filter this and do not fall into performance issues. For your information, Suricata already enable prelude support in it's packages and there is no issue. Regards On Wed, 29 Apr 2020 23:31:34 + Scott Kitterman wrote: > According to the prelude web site: > > Prelude OSS is the open source edition of Prelude SIEM . Prelude OSS is aimed for evaluation, research and test purpose on very small environments. Please note that Prelude OSS performances are way lower than the Prelude SIEM edition. > > What testing have you done to determine the performance implications of the proposed change? > > Scott K > > On April 29, 2020 11:15:43 PM UTC, Thomas Andrejak < thomas.andre...@gmail.com> wrote: > >Package: clamav > > > >Version: 0.102.2 > > > >Please enable Prelude support: > > > >* d/control: Add libprelude-dev Build-Depends > > > >* d/rule: Add --enable-prelude to the ./configure > > > >Thanks > > > >Regards > > > >Thomas > >
Bug#959150: [Pkg-clamav-devel] Bug#959150: Add support for Prelude
According to the prelude web site: Prelude OSS is the open source edition of Prelude SIEM . Prelude OSS is aimed for evaluation, research and test purpose on very small environments. Please note that Prelude OSS performances are way lower than the Prelude SIEM edition. What testing have you done to determine the performance implications of the proposed change? Scott K On April 29, 2020 11:15:43 PM UTC, Thomas Andrejak wrote: >Package: clamav > >Version: 0.102.2 > >Please enable Prelude support: > >* d/control: Add libprelude-dev Build-Depends > >* d/rule: Add --enable-prelude to the ./configure > >Thanks > >Regards > >Thomas