Hello Thanks for your reply.
The performance you pointed out is about the database inserts, not the libprelude used by ClamAV. So, for an security tool, there is no performance issue. For a Prelude end user, if he gets too many alerts per seconds, there are mechanisms to filter this and do not fall into performance issues. For your information, Suricata already enable prelude support in it's packages and there is no issue. Regards On Wed, 29 Apr 2020 23:31:34 +0000 Scott Kitterman <deb...@kitterman.com> wrote: > According to the prelude web site: > > Prelude OSS is the open source edition of Prelude SIEM . Prelude OSS is aimed for evaluation, research and test purpose on very small environments. Please note that Prelude OSS performances are way lower than the Prelude SIEM edition. > > What testing have you done to determine the performance implications of the proposed change? > > Scott K > > On April 29, 2020 11:15:43 PM UTC, Thomas Andrejak < thomas.andre...@gmail.com> wrote: > >Package: clamav > > > >Version: 0.102.2 > > > >Please enable Prelude support: > > > >* d/control: Add libprelude-dev Build-Depends > > > >* d/rule: Add --enable-prelude to the ./configure > > > >Thanks > > > >Regards > > > >Thomas > >
