Open Source SIEM
OSSIM, AlienVault’s Open Source Security Information and Event Management (SIEM) product, provides event collection, normalization and correlation. For more advanced functionality, AlienVault Unified Security Management (USM) builds on OSSIM with these additional capabilities:
* Log management
* Advanced threat detection with a continuously updated library of pre-built correlation rules
* Actionable threat intelligence updates from AlienVault Labs Security Research Team
* Rich analytics dashboards and data visualization
DAD is a Windows event log and syslog management tool that allows you to aggregate logs from hundreds to thousands of systems in real time. DAD requires no agents on the servers or workstations. Correlation and analysis are driven through a web front end.
AutoIndex is a PHP script that makes a table that lists the files in a directory, and lets users access the files and subdirectories. It includes searching, icons for each file type, an admin panel, uploads, access logging, file descriptions, and more.
Enhanced Apache Server Status
The pimped Apache status makes the Apache server status readable, sortable and searchable. The pimped Apache status can merge the status of several servers, which opens the possibility to identify the troubleshooter even in a load-balanced website. The web-based tool offers a multilanguage, skinnable interface with a built-in updater. In several views you see the most requested pages, vhosts, used methods, IPs that make the most requests and more. All views are sortable tables you can filter by a keyword, and they are also available as API requests to get their data as CSV, XML or JSON. Compatible with PHP 7 up to PHP 7.2 (and should run on PHP 5.x - but is not supported).
WikiBlame is a PHP-based tool that helps you find out when a certain phrase was inserted into an article in a MediaWiki
MySQL Squid Access Report
Qmail-Scanner Statistics (QSS) uses the Qmail-Scanner Logfile to generate daily, monthly, and yearly statistics. It also shows a complete list of viruses stopped by Qmail-Scanner, the top five domains from which the viruses came, as well as the countries
The Distributed Intrusion Detection System.
Log analyser for Squid access.log
Screen squid is a web-based interface for viewing reports based on Squid proxy server log files. More than 50 reports can be accessed from a web browser. No extra files, only a DB. All reports are generated "on-the-fly".
PHPIDS-based Security Log Analyzer for Apache
NOTE: This project is no longer under active development. Check out the successor at: https://github.com/jensvoid/lorg
Web Forensik is a script that uses PHPIDS to automatically scan your HTTPD logfiles for attacks against web applications. Check the Wiki for installation, configuration, usage.
Skeith is a PHP-based front end for analyzing logs for Apache using mod_log_sql.
Strong Email & Apache Log Analysis with Active Security Features
X-Itools: eXtended Internet Tools. Suite of tools composed of several collaboration modules. Old and initial project born in 1999, first published in 2001 on Sourceforge. X-Itools E-mail management module (log analysis) initiated in 2004 with Web 1.0 technologies (private SVN server). X-Itools development restarted in 2011, on the basis of a single module: the E-mail management module (log analysis). It is now based on Web 2.0 technologies (ExtJS 4.1), and development restarted because of a particular interest given to it by a worldwide organization (United Nations). Module renamed "X-Itools ELSE", for "X-Itools E-mail Log Search Engine". Some features: log analysis and correlation of Postfix and Exchange servers, statistics, policy manager, in-depth analysis, automated network graphs for e-mail tracing, CSV export... The Swiss knife of Messaging Admins. In 2015, X-Itools ELSE is no longer limited to E-mail logs: Apache logs are also processed and related stats and dashboards will be there!
AVirCAP is a system for manual and / or automated detection of CodeRed and Nimda type of hack attempts and virtually all other kinds of "logable" intrusion attempts. It can work stand alone or together with other additional AVirCAP machines in the LAN/W
Php Log Analyzer (aka PLA) is a log analysis tool for Apache. There are lots of log analyzers available on the internet, but most of them have their own ways of storing data. PLA is a tool to analyze log files and store the results in MySQL databases.
SRG is a log file analyser and report generator for the Squid web proxy. It is fast and was created to allow easy integration with other authentication systems. SRG is flexible and can report right down to the level of individual files requested.
MySQL log analyzer and profiler. Extracts the most popular queries grouping them by their normalized form and shows the statistics for each group. Helps developers to recognize most frequently run queries to be able to optimize overall db performance.
System for Web usage mining and data warehouse: it allows the discovery of knowledge from data (KDD) regarding users' usage on the Web (such as unique visitors, sessions, transactions) and organise it in a RDBMS (currently PostgreSQL). Written in C++.
A monitor for search engine crawlers
Crawlitor is a tool for monitoring how search engine bots are crawling your website. It will help you detect and fix crawling errors, which will in turn improve your rankings and make bots such as Google like your website more. This tool will be similar to Google Webmaster Tools but will give you more features and control over all search engine robots from one place, because it will be hosted on your webserver. The development will be done using PHP, MySQL, and Yii Framework, and crawling data will be extracted from Apache logs. There are plans for the future to support other databases and web servers. If you'd like to contribute please get in touch.
G.R.E.A.T. - Google Earth Reporting Engine and Analysis Tool. The goal of this project is to create a basic IDS interface with Google Earth. Currently generates a KML file of traceroute/whois information suitable for use in Google Earth.
A visual amateur radio logging application written in PHP and MySQL that allows amateur radio stations to manage their QSO logbook either by direct entry into a webpage or by bulk upload of the Ham Radio Deluxe database, displaying results in Google Maps
AimLogPhP is a PHP-based front end for a MySQL database of AIM messages created with the AIMySQL plugin.
ParticleTraffic is a free, open-source, PHP5 website traffic monitoring application.
We are working on the best stats application for the Call of Duty series. More to come.