BASE is the Basic Analysis and Security Engine. It is based on the code from the Analysis Console for Intrusion Databases (ACID) project. This application provides a web front-end to query and analyze the alerts coming from a SNORT IDS system.
Project moved to https://github.com/owfs/owfs/
Please note that OWFS source code, and all Issue/Tickets/merge requests have now been moved to https://github.com/owfs/owfs/. Developer mailing lists will still be kept at Sourceforge. OWFS -- 1-Wire file system. Use the Dallas 1-Wire and iButton chips with standard filesystem commands. Create temperature loggers. Monitor everything. OWHTTPD -- same system, only used as a lightweight web server. OWFS is also ported to embedded routers, Mac OSX and Windows. Basically you can use these inexpensive little sensors and other chips with very simple wiring to sense and control the physical environment. The interface is very flexible -- everything from a web browser, to reading and writing directly to the chip's "file" to integrating with your programs -- even over the internet. There is a growing number of 1-wire sensors: temperature, voltage, humidity, light, ultraviolet, pressure, thermistors, thermocouples, programmable microcontrollers, relays, lights, LCD panels, etc.
OPTOSS Next Gen Network Management System (NG-NetMS)
Why pay tens of thousands $$$ for your network management software? Get visibility into your networks and the complex processes inside them with NG-NetMS now! NG-NetMS is a new end-to-end network management platform for your Linux servers, Cisco, Juniper, HP and Extreme routers, switches and firewalls. NG-NetMS is precise, quick and efficient. It collects the most complete information about the network inventory, topology, and map of IPv4 addresses quickly and with minimum hassle. Most importantly, you will be able to collect, process and analyse Syslog events and SNMP alarms both in near-real-time and from the historical archives in a new way. We successfully used NG-NetMS for delivery of network assessment services for our customers worldwide for many years. And now we want to share this unique and fully functional tool with the community. It is not capped in terms of performance or number of nodes. The only limit is the hardware you deploy it on. http://www.opt-net.eu/products
swatchdog.pl started out as swatch, the "simple watchdog" for activity monitoring log files produced by UNIX's syslog facility. It has since been evolving into a utility that can monitor just about any type of log. The name has been changed to satisfy a request made by the old Swiss watch company.
Log Management Solution
Logs Analyzer, Alerter & Reporter with a Web Interface
Log analyser for Squid access.log
Screen squid is a web-based interface for viewing reports based on Squid proxy server log files. More than 50 reports can be accessed from a web browser. No extra files, only DB. All reports are generated "on-the-fly".
MS event (*.evt) log files viewer
evtViewer is a viewer for MS event (*.evt) log files written in Perl.
Big Sister is an SNMP aware network and system monitor
Logrep is a tool for collection and presentation of information from various logfiles including snort, squid, postfix, apache, sendmail, iptables/ipchains and nt eventlogs. HTML-reports, multi dimensional analysis, ssh and graphs are available.
The ATSlog software provides a handy web-oriented interface for collecting, viewing and analysing calls for various types of PBX (Private Branch eXchange) models.
free netflow analyzer
This is a kit of Perl and PHP scripts used to collect, process, store and display netflow data.
Perl logfile analyzer for DELL Sonicwall Firewall logfiles. This Perl program (Windows / Linux / Mac) creates an HTML file containing: hits per protocol, mean, median and variance on hourly and weekday basis, RBL statistics, IPS stats, VPN stats, virus stats, surfing statistics, CFS blocked sites stats.
What are the packets rejected by your Netfilter-based firewall today? How often does this suspicious host try to connect to your box? What are the most rejected domains? Who is this strange host which scans your ports? The answers are in the iptables log
Parses a maillog file and saves explicit patterns in a MySQL database. HTML reports are created in real time; you can see size, sender, receiver, date and error stats. You can enable support for a particular domain and for amavis
Moodss is a modular monitoring application, composed of a GUI and a daemon, which supports any device or process for which a module can be developed. Complete dashboards with graphical viewers, thresholds, SQL database archiving, ... can be managed.
User Computer and IP Address Tracking
FWNUA (Free Windows Network User Accounting) runs silently in a Windows login script or GPO and collects data about user logins. FWNUA keeps track of the workstation logins so you don't have to! FWNUA now supports syslog and Splunk! Look for the fwnua - syslog version in the files list. Use Splunk or your own syslog server with data mining tools to create a robust user tracking system. Find our Splunk app on Splunkbase: https://splunkbase.splunk.com/app/2773/
Kojoney is an easy-to-use, secure, robust and powerful honeypot for the SSH service written in Python. Other tools are distributed with the kojoney daemon, such as kip2country (IP to Country) and kojreport, a tool to generate reports from the log fi
Netlog is a simple network traffic monitor for Linux, written in Perl. It is very easy to use and suitable for workstations and servers. It can log the traffic on different interfaces and the uptime of the controlled computer.
Cisco Perl Tools contains CIPAT (Cisco IP Accounting aggregator) and ISDN-Reporter (Cisco ISDN call aggregation and reporting tool). [NetProvisioning has moved to its own project page on SF]
The Looper Event / Alert System is an application primarily used for network management to perform alert monitoring and redirection. It is designed with extreme simplicity in mind and is highly modularized. Also used as a Netcool probe or gateway.
psmon is a *NIX process monitoring daemon which may optionally be run as a standalone program. Allows slaying and respawning of critical processes which die, or exceed pre-determined TTL, concurrent instances and/or memory or CPU usage. Supports syslog a
Rule MANager for Snort. A PHP add-on for Snort to manage the rulesets on multiple sensors from a central Snort MySQL DB. Main features: ruleset merging by group from Snort CVS; automatic sensor update from the central DB
Intranet Logger is a suite of programs designed to centralize the parsing, analysis and presentation of system log information generated by computers in an intranet.
mailscanner-mrtg provides configuration files, web pages and related Perl scripts for mrtg to monitor your MailScanner (http://www.mailscanner.info/) machine.
php rrd grapher is a complete rrdtool administration website; you will be able to create rrds, import existing ones, make your own graphs using the interface and much more; it will support just about every rrdtool function.