This is a collection of command line and web based tools for use in incident response and long term analysis use as part of ongoing situational awareness. Often when responding to a security incident the only files available are web server and proxy server logs. The tools here will aid you in detecting odd traffic such as botnet beaconing and SQL Injection attempts. The large amount of data can be overwhelming and the tools in the Log Analysis Tool Kit can be used to parse these files and build a MySQL database for querying.

Currently the log formats supported are:

Proxy Logs:

Squid
Bluecoat

Web Server Logs:

Apache
IIS

Your feedback is always appreciated. Please report any issues or enhancement requests to the author.

The tools are written in Python3 and PHP. The tool kit has been tested on Mac OSX and Fedora.

Project Samples

Total Bytes SQL Injection Detection GeoIP Map Web Log Report

Project Activity

See All Activity >

Categories

Proxy Servers

Follow Log Analysis Tool Kit - LATK

Log Analysis Tool Kit - LATK Web Site

You Might Also Like
Red Hat Ansible Automation Platform on Microsoft Azure Icon
Red Hat Ansible Automation Platform on Microsoft Azure

Red Hat Ansible Automation Platform on Azure allows you to quickly deploy, automate, and manage resources securely and at scale.

Deploy Red Hat Ansible Automation Platform on Microsoft Azure for a strategic automation solution that allows you to orchestrate, govern and operationalize your Azure environment.
Learn More
Rate This Project
Login To Rate This Project

User Reviews

Be the first to post a review of Log Analysis Tool Kit - LATK!

Additional Project Details

Registered

2012-04-07
Report inappropriate content