Search Results for "log analysis tools"
Sort By:
Showing 40 open source projects for "log analysis tools"
View related business solutions-
Your monitoring isn't a stack. It's a pile. Fix that.Replace Datadog, New Relic, and Sentry without adding three more dashboards.
-
Build Agents and Models on One PlatformGemini Enterprise Agent Platform is Google Cloud's comprehensive platform for developers to build, scale, govern, and optimize agents and models. Choose from Google's most advanced models and third-party models like Anthropic's Claude Model Family.
-
1
Wazuh
The Open Source Security Platform
Wazuh is an open-source, unified security platform that delivers extended detection and response (XDR) and SIEM capabilities for on-premises, cloud, container, and endpoint environments. It provides comprehensive threat prevention, detection, integrity monitoring, incident response, and compliance monitoring. SIEM functionality to monitor security across endpoints, workloads, and containers. Centralized architecture enabling scalable deployment and unified management. Easy deployment with... -
2
SSHGuard
Intelligently block brute-force attacks by aggregating system logs
SSHGuard protects hosts from brute-force attacks against SSH and other services. It aggregates system logs and blocks repeat offenders using several firewall backends, including iptables, ipfw, and pf. -
3
ttyrpld is a multi-OS kernel-level TTY keylogger and screenlogger with (a)synchronous replay support. It runs on Linux, Solaris, FreeBSD, NetBSD and OpenBSD.
-
4
readpe
The PE file analysis toolkit
readpe (formerly known as pev) is a multiplatform toolkit to work with PE (Portable Executable) binaries. Its main goal is to provide feature-rich tools for properly analyze binaries with a strong focus on suspicious ones. -
MongoDB Atlas runs apps anywhereMongoDB Atlas gives you the freedom to build and run modern applications anywhere—across AWS, Azure, and Google Cloud. With global availability in over 115 regions, Atlas lets you deploy close to your users, meet compliance needs, and scale with confidence across any geography.
-
5
What is DracOS GNU/Linux Remastered ? DracOS GNU/Linux Remastered ( https://github.com/dracos-linux ) is the Linux operating system from Indonesia , open source is built based on Debian live project under the protection of the GNU General Public License v3.0. This operating system is one variant of Linux distributions, which is used to perform security testing (penetration testing). Dracos linux in Arm by hundreds hydraulic pentest, forensics and reverse engineering. Use a GUI-based...
-
6
OpenWAF
Web security protection system based on openresty
The first all-round open source Web security protection system, more protection than others. OpenWAF is the first fully open source Web application protection system (WAF), based on nginx_lua API analysis of HTTP request information. OpenWAF is composed of two functional engines: behavior analysis engine and rule engine. The rule engine mainly analyzes the individual requests, and the behavior analysis engine is mainly responsible for the tracking of the request information. Rule engine inspired by modsecurity and freewaf(lua-resty-waf), the ModSecurity rules will be implemented using lua. ... -
7
Snare Lite (SIEM & Logging Software)
Snare Enterprise: bit.ly/Snare-Trial
...https://www.snaresolutions.com/try-snare-for-free/ Snare Enterprise was created to keep up with the fast paced security software market. It started with the desire to create premium logging and SIEM tools that were agnostic by nature so they could be used to boost any SIEM architecture regardless of third party developers. In fact, the agnostic nature allows it to bridge gaps between multiple SIEM implementations across business units. For more on use cases, check out the Intersect Alliance website. https://www.snaresolutions.com/ Snare Enterprise’s premium features include: - Regulatory Compliance - TLS Encryption - Log Simulcasting - TCP – Guaranteed Log Delivery - USB Device Monitoring - And more! ... -
8
ParamIT
a Toolset for Molecular Mechanical Force Field Parameterization
...The developed toolkit helps the researchers in following ways: 1) automating the creation of multiple input files for quantum and molecular mechanics programs, 2) automating the output analysis and 3) substitute the use of full MM programs with a faster specialized one. The developed tools include: 1) generator of molecule-water complexes with graphical user interface (GUI), 2) semi-automatic frequency analysis using symbolic potential energy distribution matrix and comparison of optimized internal coordinates, 3) GUI for charge fitting with three modes: manual, Monte-Carlo sampling or brute force, and 4) GUI for dihedral terms fitting. ... -
9
AlienVault OSSIM
Open Source SIEM
OSSIM, AlienVault’s Open Source Security Information and Event Management (SIEM) product, provides event collection, normalization and correlation. For more advanced functionality, AlienVault Unified Security Management (USM) builds on OSSIM with these additional capabilities: * Log management * Advanced threat detection with a continuously updated library of pre-built correlation rules * Actionable threat intelligence updates from AlienVault Labs Security Research Team * Rich... -
Streamline Azure Security with Palo Alto Networks VM-SeriesImprove your security posture and reduce incident response time. Use the VM-Series to natively analyze Azure traffic and dynamically drive policy updates based on workload changes.
-
10
DEEEP
Detector of Integer Vulnerabilities in Software Portability
DEEEP is a open source static analysis tool to detect, in C programs, integer vulnerabilities caused by the bad adaption of aplications from ILP32 to LP64. It uses the tools Lint and Splint, and runs over Open Solaris and Linux operating systems. This tool semantically analyses source code. More precisely, it does type checking, data-flow analysis, and it automatically correlates the results of these two types of analysis. -
11
Free-SA
Free-SA is report generating tool for web, proxy and mail log files
Free-SA is logs processor and report generating tool. It can be used to control traffic usage, to evaluate conformance to the Internet access security policies, to investigate security incidents, to evaluate web server efficiency and to detect troubles with server configuration. -
12
JMassLogProcess is an next generation SIEM solution, based on high performance syslog and snmp trap collector(up to 20,000 logs/s),Distributed File System(Hadoop),Complex Event Processing Engine and ZK …….
-
13
Ourmon is a network monitoring and anomaly detection system and displays the data for multiple BPF expressions via RRDTOOL-based graphs. It also helps the user identify various kinds of network anomalies using various flow analysis tools and logging.
-
14
Logdigest mails interesting lines from log files to the system administrator. Non-relevant lines are filtered out by customizable regular expressions. Logdigest comes with a set of such regexps to provide a good starting point.
-
15
A suite of source and binary programs to test the capabilities of code analysis tools. A reference implementation of x86 binary analysis in C# is also included.
-
16
FLAG was designed to simplify the process of log file analysis and forensic investigations. FLAG facilitates efficient analysis of large quantities of data within an interactive environment. PyFlag is the reimplementation of FLAG in Python.
-
17
The kernel network stack may behave not as expected, especially in the case of receiving packets. With Ianus it is possible to bypass the kernel network stack and to develop your own network stack in user space or other tools.
-
18
The Cryptographic Implementations Analysis Toolkit (CIAT) is compendium of command line and graphical tools whose aim is to help in the detection and analysis of encrypted byte sequences within files (executable and non-executable).
-
19
This project is an attempt to redesign the snort database schema and to provide a new analysis frontend and associated tools.
-
20
TILT is a set of terminal logging and playback tools for auditing telnet and SSH connections made from a bastion host. It provides timestamped logs and real time playback of logs for incident reports, incident analysis or as a training aid
-
21
Nuhe is a log monitoring system, which is capable of alarm generation and action when rules are matched against log(s) activity.
-
22
NOAHDB is a command line tool that parses the log files that are emitted by the Argos Honeypot and populates the tables of a MySQL database.
-
23
Cnc's IP Data Volume Report
Logs IP to IP contact, number of packets, bytes.
Cnc's IP Data Volume Report: Logs IP to IP contact, number of packets, bytes, time of contact, Ethernet too! View via local web interface. Very simple for those who want to view who your computer is contacting the most! -
24
Secwatch is an intrusion detection system using log analysis to detect service scan and other brute-force attempts on a server or other computer using system logs and will create temporary firewall rules to block offending IPs
-
25
Bruteblock allows system administrators to block various bruteforce attacks on UNIX services. The program analyzes system logs and adds attacker's IP into IPFW table effectively blocking them. Addresses are removed from the table after expiration period