Open Source SIEM
OSSIM, AlienVault’s Open Source Security Information and Event Management (SIEM) product, provides event collection, normalization and correlation. For more advanced functionality, AlienVault Unified Security Management (USM) builds on OSSIM with these additional capabilities:
* Log management
* Advanced threat detection with a continuously updated library of pre-built correlation rules
* Actionable threat intelligence updates from AlienVault Labs Security Research Team
* Rich analytics dashboards and data visualization
Strong Email & Apache Log Analysis with Active Security Features
X-Itools: eXtended Internet Tools. A suite of tools composed of several collaboration modules. The original project was born in 1999 and first published in 2001 on Sourceforge. The X-Itools E-mail management module (log analysis) was initiated in 2004 with Web 1.0 technologies (private SVN server). X-Itools development restarted in 2011 on the basis of a single module: the E-mail management module (log analysis). It is now based on Web 2.0 technologies (ExtJS 4.1), and development restarted because of a particular interest given to it by a worldwide organization (United Nations). The module was renamed "X-Itools ELSE", for "X-Itools E-mail Log Search Engine". Some features: log analysis and correlation of Postfix and Exchange servers, statistics, policy manager, in-depth analysis, automated network graphs for e-mail tracing, CSV export... The Swiss knife of Messaging Admins. In 2015, X-Itools ELSE is no longer limited to e-mail logs: Apache logs are also processed, and related stats and dashboards will be there!
Which packets were rejected by your Netfilter-based firewall today? How often does this suspicious host try to connect to your box? What are the most rejected domains? Who is this strange host scanning your ports? The answers are in the iptables log.
Parses a maillog file and saves explicit patterns in a MySQL database. HTML reports are created in real time, showing size, sender, receiver, date and error stats. You can enable support for a particular domain and for amavis.
ttyrpld is a multi-OS kernel-level TTY keylogger and screenlogger with (a)synchronous replay support. It runs on Linux, Solaris, FreeBSD, NetBSD and OpenBSD.
ISPMan is a system to design massive ISPs using LDAP as the backend. ISPMan provides a web front end and a command line interface to create virtual domains and manage users, DNS information, email information and httpd setup data for these vhosts.
A number of tools to enhance management/coding of NFR (http://www.nfr.net) IDA, and various other admin tools that can be used for both NFR and hand coding other appliance scripts.
This project can be used by webmasters to analyse the average route of visitors. Written in Perl, this project parses Apache logs and stores them in a MySQL database. This function is not implemented in open source web stats tools like AWStats. I
Small scripts, config files and how-tos that provide simple interface statistics for MRTG without using SNMP daemons on the routers that have to be monitored. WHAT YOU NEED TO USE THIS TOOL: MRTG on a server, BASH...that's all!
Internet Control Firewall Intrusion Detection and Logger for Inbound and Outbound Traffic. Watches Files and Directories, Drive and Memory Protection.
Automated complaint system (SpamCop style) for complaints and abuses against pedophile websites and abuses over the Internet. Developers needed. See the forum for the planning process.
Distributed Syslog collector and viewer system with reliable Syslog messages over TCP, and querying with regular expressions using Perl. Supports IETF syslog and syslog relay, Java/Jini based, uses PostgreSQL, JBoss. Chain of custody raw to db data link. UTF8, D, F, UK
Analysis and filtering of the Windows NT Event Viewer. Retrieves the events and stores them in a MySQL database, and a series of PHP pages makes it possible to keep only the most important events.
LogViewer is an MS Windows .NET application that displays logging data. It is like the Unix 'tail'. It can read a file or listen on a TCP socket. Use regular expressions to hide, rewrite and colorize log lines. Have a look at the Screenshots section.