Hybrid IT Monitoring and Analytics Software - SaaS, Virtual, Physical
Zenoss is the global leader in hybrid IT monitoring and analytics software, providing complete visibility for cloud, virtual and physical IT environments for more than 40,000 global organizations. Zenoss customers gain IT performance and risk insights into their unique IT ecosystems through real-time analytics that adapt to the ever-evolving data center and cloud, enabling them to eliminate disruptions and accelerate business. The power of Zenoss Core begins with its in-depth IT inventory and configuration database. Zenoss creates this database by discovering managed resources -- networks, servers, storage, and other devices -- in your IT environment. Once Zenoss Core discovers the IT infrastructure, it automatically begins monitoring the performance of each device and provides event and fault management capabilities. Zenoss offers Open Source Core, Enterprise and SaaS solutions as well as an open API and SDK to easily extend your IT monitoring via Zenoss ZenPacks.
AWStats is a free, powerful and featureful server logfile analyzer that shows you all your Web/Mail/FTP statistics, including visits, unique visitors, pages, hits, rush hours, OS, browsers, search engines, keywords, robot visits, broken links and more.
AnalysePlugin will help you to search for more than one search pattern at a time. It is a plugin for Notepad++.
Sarg - Squid Analysis Report Generator is a tool that allows you to view "where" your users are going on the Internet. Sarg generates HTML reports with information about users, IP addresses, bytes, sites and times.
Squid Analyzer parses Squid proxy access log and reports general statistics about hits, bytes, users, networks, top URLs, and top second level domains. Statistic reports are oriented toward user and bandwidth control.
Intelligently block brute-force attacks by aggregating system logs
SSHGuard protects hosts from brute-force attacks against SSH and other services. It aggregates system logs and blocks repeat offenders using several firewall backends, including iptables, ipfw, and pf.
Enhanced Apache Server Status
The pimped Apache status makes the Apache server status readable, sortable and searchable. The pimped Apache status can merge the status of several servers, which opens the possibility to identify the troubleshooter even in a load-balanced website. The web-based tool offers a multilanguage, skinnable interface with a built-in updater. In several views you see the most requested pages, vhosts, used methods, IPs that make the most requests and more. All views are sortable tables that you can filter by a keyword, and they are also available as API requests that return the data as CSV, XML or JSON. Compatible with PHP 5 up to PHP 7.
Log Management Solution
Logs Analyzer, Alerter & Reporter with a Web Interface
ISC dhcpd leases usage analysis
This is dhcpd-pools, an ISC dhcpd shared network and pool range usage analysis tool. The purpose of the command is to count the usage ratio of each IP range and shared network pool that ISC dhcpd is in control of. Users of the command are most likely ISPs and other organizations that have a large IP space. The program is written in C. The design goal is to get the analysis done quickly where there is lots of data. On a cheap laptop the speed of analysis is roughly 100k leases per second. The number of ranges, or shared networks, does not make any significant difference in getting the analysis done.
Log analyser for Squid access.log
Screen squid is a web-based interface for viewing reports based on Squid proxy server log files. It can be accessed from a web browser and offers more than 50 reports. No extra files, only a DB. All reports are generated "on-the-fly".
ProM is the comprehensive, extensible framework for process mining. Process Mining deals with the a-posteriori analysis of (business) processes using enactment logs.
Snare Enterprise: http://bit.ly/premium_snare
ATTENTION: Snare Lite is unsupported legacy software. While it will remain a part of the SourceForge community, it is no longer secure and compliant. For up-to-date Snare software check out Snare Enterprise. https://www.intersectalliance.com/why-snare-enterprise/

Snare Enterprise was created to keep up with the fast-paced security software market. It started with the desire to create premium logging and SIEM tools that were agnostic by nature so they could be used to boost any SIEM architecture regardless of third-party developers. In fact, the agnostic nature allows it to bridge gaps between multiple SIEM implementations across business units. For more on use cases, check out the Intersect Alliance website. https://www.intersectalliance.com/

Snare Enterprise's premium features include:
- Regulatory Compliance
- TLS Encryption
- Log Simulcasting
- TCP – Guaranteed Log Delivery
- USB Device Monitoring
- And more!

For updates follow us on social media!
XL-Parser is a tool for data extraction and analysis.
XL-Parser provides a bunch of functions for data extraction and analysis. It also provides web log analysis features like a tool for detection of suspicious activities. More details and screenshots on http://le-tools.com.
Simple Event Correlator (SEC) is a lightweight event correlator for network management, log file monitoring, security management, fraud detection, and other tasks which involve event correlation.
A multi-platform universal log collector and forwarder
NXLog is a modular, multi-threaded, high-performance log management solution with multi-platform support. In concept it is similar to syslog-ng or rsyslog but is not limited to unix/syslog only. It can collect logs from files in various formats and receive logs from the network remotely over UDP, TCP or TLS/SSL. It supports platform-specific sources such as the Windows Eventlog, Linux kernel logs, Android logs, local syslog etc. Writing and reading logs to/from databases is also supported. The collected logs can be stored into files or databases, or forwarded to a remote log server using various protocols. The old BSD Syslog and the newer IETF syslog standards are fully supported by NXLog, in addition to Snare, XML, JSON, GELF, KVP, CSV and custom formats. A key concept in NXLog is to be able to handle and preserve structured logs. There is no need to convert everything to syslog and parse these logs again at the other side. It has powerful message filtering, log rewrite and conversion capabilities.
Strong Email & Apache Log Analysis with Active Security Features
X-Itools: eXtended Internet Tools. A suite of tools composed of several collaboration modules. An old project, born in 1999 and first published in 2001 on SourceForge. The X-Itools E-mail management module (log analysis) was initiated in 2004 with Web 1.0 technologies (private SVN server). X-Itools development restarted in 2011 on the basis of a single module: the E-mail management module (log analysis). It is now based on Web 2.0 technologies (ExtJS 4.1), and development restarted because of a particular interest given to it by a worldwide organization (United Nations). The module was renamed "X-Itools ELSE", for "X-Itools E-mail Log Search Engine". Some features: log analysis and correlation of Postfix and Exchange servers, statistics, policy manager, in-depth analysis, automated network graphs for e-mail tracing, CSV export... The Swiss knife of Messaging Admins. In 2015, X-Itools ELSE is no longer limited to e-mail logs: Apache logs are also processed, and related stats and dashboards will be there!
FW1-Loggrabber is a command-line tool to grab logfiles from Checkpoint FW-1 remotely using Checkpoint's LEA (Log Export API), which is one part of Checkpoint's OPSEC API.
SNĒZ is a web interface to the popular open source IDS program SNORT®. The main design feature of SNĒZ is the ability to filter (or dismiss) alerts without having to delete them. Please view or download the README file for platform and software prerequisites. SNORT® is a registered trademark of Sourcefire, Inc. All rights reserved.
Log File Monitoring - Check Log Files, Analyze, Alert on any UNIX Log
Monitoring log files is mandatory in all UNIX environments. LoGrobot does this for you efficiently. It analyzes, graphs and alerts on system log files, application log files, database log files, custom log files... basically any log file.

Benefits:
- Automatically scans log files for errors or user-specified patterns
- Shows the offending log entries in the alerts generated on a monitored log file
- Shows the latest size of a log file at the time of the most recent log check
- Shows total entries written to the log file in the most recent check
- Can tail logs in time frames rather than tailing random lines
- Monitors and alerts on log file growth
- Monitors and alerts on log file size
- Monitors and alerts on log file time stamp
- Sends out email alert notifications on log files

When run without arguments, LoGrobot displays direct instructions on usage. NOTE: For the fully-featured version of the LoGrobot Log File Monitoring tool (also known as logXray), visit www.LoGrobot.com/#download
TISCONSREP is a console application that generates a traffic report using the databases of the Traffic Inspector software (Трафик Инспектор).
This RRDTool Framework provides a central HTTP-based service for import into standard RRD DBs and graph generation. A lightweight, easily extendable agent for the data sources pushes updates with minimal resource consumption on the master service.
Tranalyzer flow generator packet analyzer moved to: tranalyzer.com
Download the new version 0.7.1 from https://tranalyzer.com/getit. This tool generates extended NetFlow-like flow statistics from large pcap files or Ethernet interfaces. It is intended to serve as a tool for IT troubleshooting, encrypted traffic mining and forensic analysis. A packet-based "tshark mode" for detailed header and content inspection is also available. Flow-based and packet-based content inspection and extraction, better reporting, forensics support and encapsulation support such as ethip, teredo, anything in anything, sctp, etc. are new features of version 0.7.1.