Query HCP for objects based on operations (create, delete, ...)
'HCP Metadata Query Tool' is a GUI-based application that lets you run queries against HCP's Metadata Query Engine. It is restricted to operation-based queries, which reflect the creation and deletion of objects within HCP. It generates a list of objects within HCP as a whole, for a single Tenant, for some Namespaces, or even for subdirectories within a Namespace. The result is a CSV file or an SQLite3 database file for easier analysis. Additionally, it delivers a directory tree summarizing the number of files and subdirectories for each directory. This tree is provided as a JSON file ('selected name'.tree) that can easily be evaluated using standard scripting languages (Java, Perl, Python, to name a few); it is also human-readable. You need either an administrative account with the Search role assigned, or a user with the Search role for the namespaces to be queried. MAPI access is not required.
Turn log4j or similar logfiles into a Python list object
Called from the command line, this Python program counts the lines in your logfile containing ERROR, INFO, WARN, etc. You can also import the function generate_log_report from it and use the returned list object in your own Python program for further processing.
A simple log analysis and botnet detection tool
A Python multiplatform tool to filter, colorise and analyse logs
PyLogAnalyzer is a tool that takes an input log in black and white, a configuration INI file containing the list of rules used to process the input, and an output file in which to save the results. These rules make it possible to match an input line by regular expression (regex) or line-number range, filter it, pass it through, colorise its foreground and background, columnise the groups of the regex, and enable or disable the rule. The final goal of this tool is to make long and hard-to-read black-and-white logs easier to read, speed up analysis, and ease wearying day-to-day work. As a common application, you can colorise adb logcat logs using the example files (and also filter out unnecessary lines). You can INSTALL it from PyPI: $ python -m pip install pyloganalyser
Open Source System and Network Monitoring for Linux Desktop
Open Source system and network monitoring application for desktop Linux users. It gives end users a broader view of what is happening on their system. The basic idea is to give Linux users an application that can monitor the system, much like many commercial antivirus and HIDS products do.
Geographical IP Correlation
TL;DR Version: I wrote a tool called GIPC (short for Geographical IP Correlation and pronounced Gypsy) which takes a list of IP addresses and returns the Geographical information you select based on the MaxMind.com GeoCity Database. The exe requires 2 inputs: the IP file (one IP per line) and the MaxMind GeoCity database, which can be downloaded here: http://geolite.maxmind.com/download/geoip/database/GeoLiteCity.dat.gz Please read more on my blog: http://jcsocal.blogspot.com/2013/03/geographical-ip-correlation-tool.html
The project was born at FASTA University, Argentina, with the goal of studying the keystroke dynamics patterns of users by analyzing their digraphs/trigraphs. Our research is aimed at detecting and differentiating users by analyzing their typing patterns.
Kismon is a PyGTK-based client for Kismet Newcore (since 2009-05-RC1) with a live map of the networks.
Parses a log file, shows the relevant information in a table
Parses a log (from a file or over HTTP) and shows the relevant information in the form of a table. Allows filtering, searching, and limited keyword highlighting. It is fully customizable: which information to show, adding alternative parsers, and reading from a file or an HTTP server. The current alpha version supports multiple parsers, for which the specification is found in an XML file (which should have the extension '.lpc'). The interface is not customizable yet. If you're interested in how it is done, check out the code.
Command-line search tool for syslog files
Lograptor is a search tool for system logs written in the legacy BSD syslog format (RFC 3164) or the IETF syslog protocol (RFC 5424). The program can perform searches in syslog files much like the UNIX command "grep", but with the addition of filters and parameters that narrow the search and retrieve the relevant information from log files. You can specify parameters such as hostname, application, date, and time range, plus a set of filters on the message data.
Tool for detecting low-interaction honeypots.
Uses Python to parse the Privoxy log in CLF (Common Log Format), looks up the WOT (Web of Trust) rating of each site, and then dumps the data into an SQLite database for later statistics generation.