A powerful tool for analysing application server logs (WebSphere, WebSphere Portal, J2EE, custom) in a cluster (or not). It can analyse any log format thanks to a parser plugin approach. You can easily develop your own parser in Java (for JBoss, BEA,
Java and ColdFusion libraries to look up country code and language from an IP address. It uses a local copy of the WHOIS database to perform fast, accurate lookups of country codes. Useful for log analysis, internationalization, geolocation, etc.
redWall is a bootable CD-ROM Firewall with Snort, snortsam, dansguardian and support for fwbuilder, spamassassin, reporting (using ACID/sarg/ntop/webfwlog), VPN (FreeSWan/PoPToP/Openvpn) and mail alerting (by mail). Configs are stored on a Floppy or USB
Infrastructure Monitoring, Log File Analysis & Visualization
This project provides a downloadable Ubuntu Linux appliance (virtual machine) consisting of Zabbix and ELK (Elasticsearch, Logstash, Kibana). The intention of this project is to help you get started with collecting performance metrics from your applications and underlying infrastructure. The tools provided help perform infrastructure monitoring, machine data analysis and log file analysis using Open Source software packaged within an Ubuntu Linux virtual machine. This appliance is also provided to help users of VisualizeIT collect relevant application and infrastructure performance metrics for purposes of visualization, modelling and forecasting. VisualizeIT offers access to a range of Analytical Models, Statistical Models and Simulation Models. You can access the VisualizeIT website at www.visualize-it.co and the VisualizeIT modelling solution here: http://useradmin.visualize-it.co. Read this to get started: http://community.visualize-it.co/knowledgebase/zabbix-elk-in-a-box/
An Eclipse plugin providing a tail view component.
IP Traffic Volume: Logs (counts) incoming and outgoing bytes through network device(s) using kernel iptables. Highly configurable as to which bytes are logged, e.g. to/from specific ports or IP addresses. Data displayed in HTML via CGI or as plain ASCII to the console.
Sorts IP flow data from Cisco IOS routers and switches.
SourceTalk sorts the output of the 'show ip cache flow' and 'show ip accounting' commands on Cisco IOS routers and switches. It can be helpful in finding the source of highest traffic on connections overutilized by legitimate traffic or DoS attacks. To use it, paste the entire output of either command in the input textbox and hit ‘Run’. By default the program will deliver the top 10 talkers in descending order, sorted by the number of packets/bytes sent (taken from the last column of the output). The program processes up to 100 000 lines of traffic data and the results can be saved to a .txt file.
Squid Log Analyzer and Report Generator.
Universal IP-traffic collector. Can gather data from Cisco IP Accounting / ipcad, Mikrotik, NSG, Revolution routers.
Tranalyzer flow generator packet analyzer moved to: tranalyzer.com
Download the new version 0.7.1 from https://tranalyzer.com/getit. This tool generates extended NetFlow-like flow statistics from large pcap files or Ethernet interfaces. It is intended to serve as a tool for IT troubleshooting, encrypted traffic mining and forensic analysis. A packet-based "tshark mode" for detailed header and content inspection is also available. Flow-based and packet-based content inspection and extraction, better reporting, forensics support and encapsulation support (such as ethip, Teredo, anything-in-anything, SCTP, etc.) are new features of 0.7.1.
Dataone Quick Usage Finder is a freeware, open source utility used to quickly get a usage summary of BSNL's broadband service, Dataone. Scheduled dial-up connection and disconnection is provided for BSNL's night unlimited plans.
imsniff is a pcap-based instant messaging sniffer. It captures the IM traffic in the network and is able to log conversations, contact lists, profile information, incoming email notifications, other MSN events, etc. Tested in Linux and Windows.
We provide a free product that helps you quickly and easily access logged data in order to analyze problems in your network connections. It displays iptables logged data in a comfortable format so you can analyse your traffic activity.
Logpp is a tool for preprocessing event logs and feeding relevant data to other programs for storing or in-depth analysis. Logpp reads lines appended to input files, matches the lines with patterns, and writes the results to given destinations.
This program will monitor one or more log files, updating when more data is available, à la 'tail -f', within a common terminal window via a "split window". The user can scroll up/down/left/right through all the windows. A header displays each frame's file nam
MusicWatcher is a native OS X application written in Cocoa for doing realtime and non-realtime music analysis, visualization, and animation.
NARC (Network Analysis Reporting Console) takes output from security tools like Nessus and Nmap and populates a database via automated scripts for reporting purposes. Version 0.DC14 also includes rudimentary reporting capabilities. New from kaos.theory.
Nuhe Client is a project related to the Nuhe Action Capable Log Monitor. This GUI client simplifies the administration of sensors and node managers, making it easier to control and monitor the network. Comes with a rule editor as well as a log monitor.
Searches arbitrary text input (logs, etc.) for regular expression matches, and then executes arbitrary SQL statement(s) with the matched substrings used as parameters. Offers daemon, incremental and transactional features.
Blocks the IP address of SSH probing hosts, using TCP Wrapper. This is version two of ssh_block, a total rewrite since the first version.
A PHP script for parsing MRTG log files and displaying network traffic statistics. It can display total traffic, average rate, peak time and peak rate over a selectable period of time. We wish to later support RRDtool and maybe even more log formats.
A full-featured stats plugin for Half-Life 2: Counter-Strike Source. The TerraStats system allows for single website publishing as well as grouped publishing for multiple servers.
Search files for a text string. Like grep, but really dumbed down.
LogDistiller is a logfile merge and sort tool. Log content is classified according to rules configured in an XML file. Classification results go into reports, which are published: simply stored in a file, sent by mail, or even added to a news feed.
The first stage of development is to write a tool to anonymize packet capture files captured with libpcap. After that we will be integrating this with tcpdump to anonymize in real time, and analyze its effect on different IDSs.