Open Source Log Analysis Software - Page 5

This very simple perl script parses you iptables log files and produces a report in text format with a summary based on the prefix of the log ( --log-prefix option of iptables ). Prefix description is allowed.

Ida, is a Apache log security analyzer written in PHP. It will scan Apache logs and report about security incidents like SQL injections, XSS attacks, path traveling and so on.

Impost is a network security auditing tool designed to analyze the forensics behind protocol exploitation.

JNFA - is a netflow analyzer. It uses MySQL database to store accounting information. Filters, used in the JNFA, allows very flexible classificate any kind of traffic and store it in the differend fields in database.

Simple and Useful set of software and hardware that monitors ScanLog and Network activity (LAN/WAN)

JSwatch is a java version of Swatch developed by Todd Atkins. It features great extensibility by alowing users to write their own classes that can analyze, notify, react or do pretty much anything that can be done in Java in response to entries in logs.

Provide a plugabble and configurable alternative to UNIX tools like grep, awk, tail, head, cut, sort, uniq or even some perl based scripts in a Java environment. A bit like what Apache Ant means to good old make.

Java and ColdFusion libraries to lookup country code and language from IP address. It uses a local copy of the WHOIS database to perform fast, accurate lookups of country codes. Useful for log analysis, internationalization, geolocation, etc..

Kafka/distributed commit log service in Go. Protocol compatible with Kafka so Kafka clients and services work with Jocko. Use Serf for discovery, Raft for consensus (and remove the need to run ZooKeeper). Able to use percentages of disk space for retention policies rather than only bytes and time kept. Handling size configs when you change the number of partitions or add topics. API versioning [more API versions to implement]. Replication [first draft done - testing heavily now]. Partition consensus and distribution.

Command line LOGalyze client. logalyze-cli is a powerful command line client for managing LOGalyze engine. With LOGalyze application log analyzer, you can collect your log data from any device, analyze, normalize and parse them.

Lighweight Universal Log or Network Analyzer is a Open Source project (written in Perl) with the intention of creating a logsystem which is capable of creating statistics out of the files.

A light application management tool

Traffic accounting suite for Linux that comes with a webinterface written in PHP. Requires iptables, its ULOG target and MySQL for data storage. This system uses categories which are fed by iptable rules that can be defined using the webinterface.

VB application based on the FreeCap project that aims to capture SNMP-Trap messages from Linksys routers in order to monitor potential security violations. It is at a very early stage right now but I really hope to get some time to make it nicer. If yo

monitors logfiles and displays in realtime. log messages may be formatted with different fonts and colors, contents can be parsed, reformated, may even trigger actions playing sounds or executing shell commands. Log can be viewed remotely via webbrowser.

Netscreen Firewall Log Analyser which can analyse log files in Netscreen Log File format and copy data into Access Database. Developed by Specialists for Computer Systems (SCS)

Log File Paladin is a wxWdigets based client and PHP based server application for automated monitoring of remote logs. It is designed to help technicians effortlessly monitor client machines which would otherwise receive no attention.

A tool to extract the information in any log file into a database. It has no inherent knowledge of particular log formats but by using inbuilt rules and asking a few simple questions should be able to parse any type of text log intelligently.

Inputs watch log files for changes, send new log messages to the server, which broadcasts to web clients. Log messages are tagged with stream and source information based on user configuration. log.io has no persistence layer. File inputs are informed of file changes via inotify, and log messages hop from input to server to web client via TCP and socket.io, respectively. log.io uses a stateless TCP API to receive log messages. Writing a third party harvester is easy. Open a TCP connection to the server and begin writing properly formatted messages to the socket. Input paths can be a file path, directory path or a glob. Additionally, watcher options can be provided for more fine-grained control over file watching mechanics and performance. The file input connects to the server via TCP, and writes properly formatted strings to the socket.

Visualize Application and Firewall Logs with Google Earth. A web based PHP parser feeds Google Earth with near realtime data.

A distributed logging & monitoring WS architecture using WS-Notification (WSN) as well as a Log4J appender that implements an appropriate adapter. Software components that already use Log4J can be integrated non-intrusively.

Log4j Viewer is an Eclipse plugin which can read various patterns of log4j's log file and show them in a structured table view which filtering, sorting, searching may apply on.

LogCop is a set of turn-key bash/firewall/awk scripts for enhancing an IDS. It monitors system logs and blocks IP addresses based on such criteria as illegal user names from repeated attacks. In production under Linux, FreeBSD, OS X, Solaris.

The logjana program is a log program for the jana proxy server V2. It splits the main logfile "proxy.log" in timed files. The main logfile "proxy.log" will not be change. For questions send a mail at michael.wiechert(at)goo

Loganalyzer for Windows XP Firewall and Linux Iptables firewall. Generates a nice html document with statistics from all the pakets captured by the firewall. The program is written in Python and has an (optional) graphical interface.