Open Source Log Analysis Software - Page 2

IPCAD runs captures traffic on the specified interfaces (BPF, PCAP, divert, tee, ULOG, IPQ), and records the traffic for later retrieval and analysis. Traffic exported via RSH or NetFlow.

this tool tries to repair your broken pcap and pcapng files by fixing the global header respectively packet blocks and recovering the packets by searching und guessing the packet headers or blocks

Scripts and tools to manage your Server.

AfterGlow is a scripts which facilitates the process of generating link graphs from CSV input. AfterGlow is written in Perl and generates output that can be read by GraphViz, Gephi, etc. Source: https://github.com/zrlram/afterglow Tarball: http://pixlcloud.com/afterglow-2

Simple Event Correlator (SEC) is a lightweight event correlator for network management, log file monitoring, security management, fraud detection, and other tasks which involve event correlation.

MySQL Squid Access Report

XL-Parser provides a bunch of functions for data extraction and analysis. It also provides web log analysis features like a tool for detection of suspicious activities. More details and screenshots on http://le-tools.com.

lla is an LDAP Logfile Analyser , it generates statistics At this moment only NS 4.11 Logfiles have been tested. Your on your own if you want to analyse other type of Logfiles. But feel free to give feedback on your experiments and contribute patches to t

The Exchange Server SMTP Log Viewer is a graphical tool developed using Python. It is designed to help system administrators and developers analyze SMTP server logs efficiently.

Textual data processing solution for system administrators and Web programmers. The C library allows to manipulate string lists, CGI forms, MIME data, configuration files, logs parsing, regular expressions, date/time parsing, templates rewriting etc.

GoAccess is a real-time Apache web log analyzer and interactive viewer that runs in a terminal and provides fast and valuable HTTP statistics for system administrators that require a visual report on the fly.

We provide Linux drivers for webcams based on the popular Vision VLSI CPiA chipset, including the Creative WebCam II. Both parport and USB is supported.

SNĒZ is a web interface to the popular open source IDS programs SNORT® and Suricata. IDS output can be unified2 or JSON formats. The main design feature of SNĒZ is the ability to filter alerts based on criteria set by, and documented by, a security analyst. Alerts are viewed and summarized in different ways, filtered, and documented until ideally no alerts remain. At any time, filters can be suppressed so that all collected alerts can be analyzed for patterns, forensics, etc. Filters can also be used to hide noisy alerts without deleting them or suppressing them at the IDS. An effective strategy for dealing with noisy alerts can be achieved by combining alert thresholding at the IDS and filtering in SNEZ. SNORT® is a registered trademark of Sourcefire, Inc. All rights reserved.

SRG is a log file analyser and report generator for the Squid web proxy. It is fast and was created to allow easy integration with other authentication systems. SRG is flexible and can report right down the the level of individual files requested.

ATTENTION: Snare Lite is unsupported legacy software. While it will remain a part of the SourceForge community, it is no longer secure and compliant. For up to date Snare software check out Snare Enterprise. https://www.snaresolutions.com/try-snare-for-free/ Snare Enterprise was created to keep up with the fast paced security software market. It started with the desire to create premium logging and SIEM tools that were agnostic by nature so they could be used to boost any SIEM architecture regardless of third party developers. In fact, the agnostic nature allows it to bridge gaps between multiple SIEM implementations across business units. For more on use cases, check out the Intersect Alliance website. https://www.snaresolutions.com/ Snare Enterprise’s premium features include: - Regulatory Compliance - TLS Encryption - Log Simulcasting - TCP – Guaranteed Log Delivery - USB Device Monitoring - And more! For updates follow us on social media!

Sgrep (sorted grep) is a much faster alternative to traditional Unix grep when searching large files, because sgrep searches sorted input files using a fast binary search to find matching lines.

Internet Access Control (IAC) is a LAMP system that integrates with Squid to deliver real-time graphical statistics, billing, monitoring and more.

Logpp is a tool for preprocessing event logs and feeding relevant data to other programs for storing or in-depth analysis. Logpp reads lines appended to input files, matches the lines with patterns, and writes the results to given destinations.

ParserCap is a visual tool for information security specialists, system administrators, students and everyone who needs to analyze network traffic in PCAP format (libpcap — ETHERNET and IEEE 802.11). It is also possible to set filters for identifier search TCP headers (Documents, Multimedia, Files, Logins, Passwords etc.). If necessary, it is possible to view detailed statistics on every MAC address, including COOKIES, USER-AGENTS, HTTP GET/POST and a lot more. Please visit forum - if you have any idea :-) Last version my program you can search in my home web page! Thanks!

SqStat is a script which allows to look through active squid users connections. It use cachemgr protocol to get information from squid proxy server.

ASC is a tool to count traffic between users and different subnets. The most common usage is to measure individual users amount of traffic to and from the internet. Very easy to configure, see the documentation.

With the Log Parser one can scan logs, whitelist out legitimate, non-corrupt entries (usually file paths), and apply a standard format to a log generated by any antivirus or malware-removal program. This makes for easier reading of the meat in any log.

Lire is a pluggable log analyzer, supporting HTTP, email, DNS, FTP, firewall and print services. Output generated can be txt, (X)HTML, PDF, RTF, and DocBook. The latter four support graphics. For news/support visit the project homepage.

NeoLogger is Windows Syslog Client similar to the logger command known from UNIX/LINUX systems used to send SYSLOG messages. It adds some usefull features to filter and replace content, reads from standard input, files or the windows eventlog. It is also able to watch a file or an eventlog for changes and transmits only the new entries. Logit is an additional tool, that logs process or batch output to a log file or windows Eventlog using predefined prefixes and timestamps. (see the screenshots for an Overview) Please donate some (micro-)bitcoins to my address if you saved time and money by using this free project: 1FvGzQvT3tcN47fxdaNjDeSFU6pAUsqMbn

Mac OS X application launcher for WireShark.