Search Results for "event log parse"

ProcMon-for-Linux by Microsoft is an open-source port of the legendary Windows Sysinternals Process Monitor, adapted for Linux environments. It captures and displays real-time syscall activities—alongside process/thread details—in an interactive terminal interface. With filtering capabilities, full thread stack capture, logging to SQLite, and event replay, it offers powerful visibility into system behavior. Currently distributed as a preview release (up to v2.0 on Linux), it supports Ubuntu...

syslog-ng is the log management solution that improves the performance of your SIEM solution by reducing the amount and improving the quality of data feeding your SIEM. With syslog-ng Store Box, you can find the answer. Search billions of logs in seconds using full text queries with Boolean operators to pinpoint critical logs. syslog-ng Store Box provides secure, tamper-proof storage and custom reporting to demonstrate compliance. syslog-ng can deliver data from a wide variety of sources to...

Fluent Bit is a super-fast, lightweight, and highly scalable logging and metrics processor and forwarder. It is the preferred choice for cloud and containerized environments. A robust, lightweight, and portable architecture for high throughput with low CPU and memory usage from any data source to any destination. Proven across distributed cloud and container environments. Highly available with I/O handlers to store data for disaster recovery. Granular management of data parsing and routing....

This is an archive for old versions of OpenEMM. You will find the latest version of OpenEMM here: https://wiki.openemm.org OpenEMM is a browser-based enterprise application for email automation like info and marketing newsletters, transaction mails or multi-stage email campaigns. OpenEMM offers tons of features for professional users, among them: a great user interface, template-based HTML mailings, automatic bounce management, mail opening and link tracking, lots of graphical realtime...

...So the module now supports a module parameter codes which shows the keycode shift_mask pair in hex (codes=1) or decimal (codes=2). You can lookup the keycodes in /usr/include/linux/input-event-codes.h. The keypress logs are recorded in debugfs as long as the module is loaded. Only root or sudoers can read the log. The module name has been camouflaged to blend-in with other kernel modules. You can, however, execute a script at shutdown or reboot (the procedure would be distro-specific) to save the keys to a file. ...

OSSIM, AlienVault’s Open Source Security Information and Event Management (SIEM) product, provides event collection, normalization and correlation. For more advanced functionality, AlienVault Unified Security Management (USM) builds on OSSIM with these additional capabilities: * Log management * Advanced threat detection with a continuously updated library of pre-built correlation rules * Actionable threat intelligence updates from AlienVault Labs Security Research Team * Rich analytics dashboards and data visualization

...It has powerful message filtering, log rewrite and conversion capabilities.

...It can be used for: * Monitoring and warning of failures of reachability in network attached devices * Monitoring disk usage/cpu utilization/network utilization of configured devices * Receiving alerts of equipment failures from configured devices * Recording alerts, response times, etc into a database ### More complex tasks * send and receive custom ICMP packets * query the Domain Name System (DNS) * access UDP sockets * probe and use some selected SUN RPCs * send and receive SNMP messages (SNMPv1, SNMPv2C, SNMPv3) * write special purpose SNMP agents in Tcl * parse and access SNMP MIB definitions * schedule jobs that are to be done regularly * realize event driven programming on network maps

Simple tool to parse the contents of /proc or /sys entries and graph their values. An oscillosope for software types. Intended for developers, admins or the curious to understand the performance and behaviour of their systems.

Logpp is a tool for preprocessing event logs and feeding relevant data to other programs for storing or in-depth analysis. Logpp reads lines appended to input files, matches the lines with patterns, and writes the results to given destinations.

Project Lasso is Windows-based open source software designed to collect Windows event logs, including custom application logs, and provide central collection and transport of Windows log data via UDP/TCP syslog.

Logjam is for log monitoring and log analysis in a cluster computing environment. It's unique contribution is the ability to recognize a distributed event accross many cluster nodes and summarize the event concisely.

Green Screen: A Linux based Advanced Syslog Server for Juniper NetScreen Firewalls - Can be expanded later to support other products. It can capture syslog messages, parse them, store them in a MySQL database. A Web GUI interface is also included.