Open Source Linux Log Analysis Software - Page 2

HoneyVIew ist a tool to analyze honeyd-logfiles of the honeyd-daemon implemented by Niels Provos in an convenient way. HoneyView generates graphical and textual results from queries against the logfile data.

Simple Event Correlator (SEC) is a lightweight event correlator for network management, log file monitoring, security management, fraud detection, and other tasks which involve event correlation.

Logpp is a tool for preprocessing event logs and feeding relevant data to other programs for storing or in-depth analysis. Logpp reads lines appended to input files, matches the lines with patterns, and writes the results to given destinations.

ISPMan is a system to design massive ISPs using LDAP as the backend. ISPMan provides a web front end and a command line interface to create virtual domains and manages users, dns information, email infos and httpd setup data for these vhosts.

MySQL Squid Access Report

IP traffic accounting on CISCO routers.

This is a multiplatform general utility suite for use with existing network stumbling software, such as Kismet or NetStumbler. The program will convert between multiple output logs, including the popular wi-scan format, between platforms.

GoAccess is a real-time Apache web log analyzer and interactive viewer that runs in a terminal and provides fast and valuable HTTP statistics for system administrators that require a visual report on the fly.

IPCAD runs captures traffic on the specified interfaces (BPF, PCAP, divert, tee, ULOG, IPQ), and records the traffic for later retrieval and analysis. Traffic exported via RSH or NetFlow.

KismetToolSuite contains a couple of command-line tools to analyze, convert and merge Kismet log files (.csv, .gps and .xml). It is also a windows version for the Kismet to NetStumbler converter available!

A simple syslog viewer which uses the syslog format described in RFC 5424. The viewer is written in C# and uses .NET 3.5 or higher. This tool uses objectlistview component from http://objectlistview.sourceforge.net

SNĒZ is a web interface to the popular open source IDS programs SNORT® and Suricata. IDS output can be unified2 or JSON formats. The main design feature of SNĒZ is the ability to filter alerts based on criteria set by, and documented by, a security analyst. Alerts are viewed and summarized in different ways, filtered, and documented until ideally no alerts remain. At any time, filters can be suppressed so that all collected alerts can be analyzed for patterns, forensics, etc. Filters can also be used to hide noisy alerts without deleting them or suppressing them at the IDS. An effective strategy for dealing with noisy alerts can be achieved by combining alert thresholding at the IDS and filtering in SNEZ. SNORT® is a registered trademark of Sourcefire, Inc. All rights reserved.

IPAC-NG is the iptables/ipchains based IP accounting package for Linux. It collects, summarizes, and nicely displays IP accounting data. Ipchains and (preferably) iptables are supported. Logs are stored in files, a gdbm or a PostgreSQL database.

Impost is a network security auditing tool designed to analyze the forensics behind protocol exploitation.

Squeezer is a multi-dimensional logfile analyzer for Squid web cache server. It measures transfer speed from Squid, source servers and other caches and gives an information useful for tuning Squid and web cache hierarchy or mesh.

Powered by http://www.softwaresuite.de Similar service cost at least $ 10 in a month. With this software, you get the opportunity to analyze your website visits in real time. Website Analyzer service is ad-supported and therefore it is free for you to 100%. Live web stats and traffic analytics. Observe your visitors interacting with your web site in real time and much more in our feature list.

[ set status to abandon - volunteers welcome ] The postfix-logwatch / amavis-logwatch log analyzers produce summaries, reports and statistics regarding the operation of postfix and amavis. Use standalone, or as a filter module for the open source logwatch utility.

Sgrep (sorted grep) is a much faster alternative to traditional Unix grep when searching large files, because sgrep searches sorted input files using a fast binary search to find matching lines.

Capra is a Open Source tool to quickly get some nice and useful reports out off your Watchguard Fireware log files.

The Distributed Intrusion Detection System.

Kojoney is an easy of use, secure, robust and powerfull Honeypot for the SSH Service written in Python. With the kojoney daemon are distributeds other tools such as kip2country (IP to Country) and kojreport, a tool to generate reports from the log fi

LogCrawler is an ANT task for automatic testing of web applications. Using a HTTP crawler it visits all pages of a website and checks the server logfiles for errors. Use it as a "smoketest" with your CI system like CruiseControl.

A stand-alone or plug-in application that supports automatic decompression/decoding of files (.tar, .gz, .shar, etc.).

Skavenger analyzes HTTP traffic logged by various Web proxies (including WebScarab and Burp) for indications of common web vulnerabilities such as XSS, CRLF injection and various kinds of information disclosure.

ATTENTION: Snare Lite is unsupported legacy software. While it will remain a part of the SourceForge community, it is no longer secure and compliant. For up to date Snare software check out Snare Enterprise. https://www.snaresolutions.com/try-snare-for-free/ Snare Enterprise was created to keep up with the fast paced security software market. It started with the desire to create premium logging and SIEM tools that were agnostic by nature so they could be used to boost any SIEM architecture regardless of third party developers. In fact, the agnostic nature allows it to bridge gaps between multiple SIEM implementations across business units. For more on use cases, check out the Intersect Alliance website. https://www.snaresolutions.com/ Snare Enterprise’s premium features include: - Regulatory Compliance - TLS Encryption - Log Simulcasting - TCP – Guaranteed Log Delivery - USB Device Monitoring - And more! For updates follow us on social media!