Search Results for "event log parse"

...Besides trapping the attackers, I also want to visualize the Geolocations and other statistics of the sources of attacks. Unfortunately the wonderful original C implementation of endlessh only provides text based log, but I do not like the solution that writes extra scripts to parse the log outputs, then exports the results to a dashboard, because it would introduce extra layers in my current setup and it would depend on the format of the text log file rather than some structured data. Thus I create this golang implementation of endlessh to export Prometheus metrics and a Grafana dashboard to visualize them.

Simple Event Correlator (SEC) is a lightweight event correlator for network management, log file monitoring, security management, fraud detection, and other tasks which involve event correlation.

Sentry is a cross-platform, self-hosted error monitoring solution that helps software teams discover, monitor and fix errors in real-time. The most users and logs will have to provide are the clues, and Sentry provides the answers. Sentry offers enhanced application performance monitoring through information-laden stack traces. It lets you build better software faster and more efficiently by showing you all issues in one place and providing the trail of events that lead to errors. It also...

APCZ is a Linux BASH script that uses SSH to log into a server and parse information from apcupsd software running on it. It presents the most useful information in a graphical window with zenity. This project page is for the bundled releases, such as the Debian installer and the source archive. If you'd like to read the source code without downloading anything, or see changes that have happened since the last bundled release here, you can also find this project on my Gitlab at: https://gitlab.com/gerowen/apcz I sign some of my release files with my personal PGP key. ...

Lilith is a logging and access event viewer for Logback, log4j & java.util.logging. It has features comparable to Chainsaw for log4j. This means that it can receive logging events from remote applications using Logback as their logging backend

...It inspects requests and responses during NGINX phases, applying rule logic and anomaly scoring to detect patterns like SQL injection, cross-site scripting, and protocol abuse. Rules are organized into policies with configurable actions—block, log, or allow—and can leverage shared dictionaries for counters, rate limits, and caching decisions. Because it runs inside the NGINX event loop, it scales with the web tier and avoids the latency of external proxies. Operators can extend it with custom Lua code, integrate threat feeds, or adapt it to application-specific quirks without recompiling modules. ...

OSSIM, AlienVault’s Open Source Security Information and Event Management (SIEM) product, provides event collection, normalization and correlation. For more advanced functionality, AlienVault Unified Security Management (USM) builds on OSSIM with these additional capabilities: * Log management * Advanced threat detection with a continuously updated library of pre-built correlation rules * Actionable threat intelligence updates from AlienVault Labs Security Research Team * Rich analytics dashboards and data visualization

...You can now query your enterprise to gather real-time details. HEYMon can monitor anything that is important for you: - Query a database: Look for patterns, perform queries, or generate statistics. - Parse a log file: Look for errors, or other alert conditions and statistics. - Read server metrics: Available RAM, Diskspace, processes, Windows Services - Read Windows Event logs - Monitor Security logs and web request logs - Monitor Guidewire software applications And much more! HEYMon has a Java API where you can create custom components to monitor whatever you need. ...

...It can be used for: * Monitoring and warning of failures of reachability in network attached devices * Monitoring disk usage/cpu utilization/network utilization of configured devices * Receiving alerts of equipment failures from configured devices * Recording alerts, response times, etc into a database ### More complex tasks * send and receive custom ICMP packets * query the Domain Name System (DNS) * access UDP sockets * probe and use some selected SUN RPCs * send and receive SNMP messages (SNMPv1, SNMPv2C, SNMPv3) * write special purpose SNMP agents in Tcl * parse and access SNMP MIB definitions * schedule jobs that are to be done regularly * realize event driven programming on network maps

Logpp is a tool for preprocessing event logs and feeding relevant data to other programs for storing or in-depth analysis. Logpp reads lines appended to input files, matches the lines with patterns, and writes the results to given destinations.

fwblocker is a script used to parse syslog files for SSH, pure-ftpd and iptables entries. It will generate statistics but it's main feature is to lock out IP addresses that used a wrong username/password to log into your SSH or FTP Server.

Green Screen: A Linux based Advanced Syslog Server for Juniper NetScreen Firewalls - Can be expanded later to support other products. It can capture syslog messages, parse them, store them in a MySQL database. A Web GUI interface is also included.

Permits to parse a maillog file and save explicit pattern in a mysql database. HTML report are created in real time, you could see size, sender, receiver, date, error stat. You can enable support for a particular domain and for amavis

Who is jiggling the door of your SMC Barricade firewall? This script will connect to one of those devices via the web interface, authenticate, grab the event log and then re-write the output as a simple HTML table.

Logpecker is a tool for syslog files like /var/log/messages. More flexible than a simple regexp matcher, you can use syslog facility and priority. Messages that appear too often are sieved out. Generates root-tail tickers, reports, active event lists