Search Results for "log analysis tools" - Page 4

AfterGlow is a scripts which facilitates the process of generating link graphs from CSV input. AfterGlow is written in Perl and generates output that can be read by GraphViz, Gephi, etc. Source: https://github.com/zrlram/afterglow Tarball: http://pixlcloud.com/afterglow-2

Security Officers Management and Analysis Project (SOMAP) is all about defining security management work methods and supplying Security Officers with tools to do their job more efficient and following standards easily.

Stratagem is a Linux distro for honeypots, network forensics, malware analysis and other supporting tools. Stratagem is based on Linux Mint 14 XFCE. The following honeypots are setup and ready to go. Dionaea Kippo Glastopf HoneyD Amun labrea Tinyhoneypot Thug Conpot (See the wiki for more details on the contents)

MBM-Log allows to look deeply in collected logs (not only Top 10). All charts are generated on demand. You can easily filter data. MBM-Log can help you with FortiGate diagnostics via SSH (built in commands) Java GUI application.

A collection of tools to assist with the forensic analysis of computer systems.

Command line LOGalyze client. logalyze-cli is a powerful command line client for managing LOGalyze engine. With LOGalyze application log analyzer, you can collect your log data from any device, analyze, normalize and parse them.

AntiDef is written in order to handle with defacement attacks. This tool written in Java in a fast-and-dirty manner; However is works. This tool is working straight forward. Server administrator should run the application with the following specific parameters: path to the copy of the web site (source), path to the application directory, path to log directory and few more optional parameters. This tool compares the source and the destination files, then copies the "defaced" files if...

This is a small and simple toolkit that might be useful during steganalysis, it is currently composed by several general purpose command line tools. NOTE: this project has been moved to https://github.com/luca-m/lsb-toolkit

The Forensics Data Identifier (FDI) is a tool which allows for large data files to be easily filtered for common forensically relevant data types.The tool was intended to speed up the ediscovery and analysis processes of the forensics investigation

These three tools build Checkpoint, Cisco ASA or Netscreen policys from logfiles. They write dbedit, access-list or set address, set service and set policy commands for the traffic seen in the logs, that can be cut and pasted into the firewalls. WOOT

JMassLogProcess is an next generation SIEM solution, based on high performance syslog and snmp trap collector(up to 20,000 logs/s),Distributed File System(Hadoop),Complex Event Processing Engine and ZK …….

The Digital Forensic Tool Testing (DFTT) project creates test images for digital forensic acquisition and analysis tools. These images can be used by a tool developers and owners to test their software.

Ourmon is a network monitoring and anomaly detection system and displays the data for multiple BPF expressions via RRDTOOL-based graphs. It also helps the user identify various kinds of network anomalies using various flow analysis tools and logging.

Kojoney is an easy of use, secure, robust and powerfull Honeypot for the SSH Service written in Python. With the kojoney daemon are distributeds other tools such as kip2country (IP to Country) and kojreport, a tool to generate reports from the log fi

Logdigest mails interesting lines from log files to the system administrator. Non-relevant lines are filtered out by customizable regular expressions. Logdigest comes with a set of such regexps to provide a good starting point.

Suite of tools and APIs to manage centralized logs: collectors to get remote logs, tools to navigate through stored logs, tools for datamining over stored logs.

“Instead of remembering a sequence of characters as the secret, users have to remember a shape as the secret.”

This project contains the PERL scripts, which can rearrange the logs from /var/log/messages and insert in to the database. Scripts can also separate logs for each syslog clients as well as for each application of syslog client.

Capra is a Open Source tool to quickly get some nice and useful reports out off your Watchguard Fireware log files.

NARC Network Analysis Reporting Console takes output from security tools like Nessus, and NMap & populates a database via automated scripts for reporting purposes. Version 0.DC14 also includes rudimentary reporting capabilities. New from kaos.theory

FLAG was designed to simplify the process of log file analysis and forensic investigations. FLAG facilitates efficient analysis of large quantities of data within an interactive environment. PyFlag is the reimplementation of FLAG in Python.

Skavenger analyzes HTTP traffic logged by various Web proxies (including WebScarab and Burp) for indications of common web vulnerabilities such as XSS, CRLF injection and various kinds of information disclosure.

The kernel network stack may behave not as expected, especially in the case of receiving packets. With Ianus it is possible to bypass the kernel network stack and to develop your own network stack in user space or other tools.

The Cryptographic Implementations Analysis Toolkit (CIAT) is compendium of command line and graphical tools whose aim is to help in the detection and analysis of encrypted byte sequences within files (executable and non-executable).

This project is an attempt to redesign the snort database schema and to provide a new analysis frontend and associated tools.