Category: Utilities » Log Management

Added 2003-08-26
by Carlo Comin
LKL is a userspace key logger that runs under Linux on the x86 architecture. LKL sniffs and logs everything that passes through the hardware keyboard port (0x60). It translates keycodes to ASCII with a keymap file.

Added 2003-08-22
by Craz1
pf2x is a PHP script that takes the output of your pflog and converts it into various output formats. These output formats include plain text, XML, HTML, PDF, and MySQL INSERT statements for import into a MySQL database. It was developed and tested on OpenBSD 3.3 but should work for any system that uses PF.

Added 2003-07-14
by Alessandro Dotti Contra
adcfw-log is a tool for analyzing firewall logs in order to extract meaningful information. It is designed to be a standalone script with very few requirements that can generate different kinds of reports, such as fully formatted reports of what had been logged, with summaries by source or destination host, the type of service, or protocol. There are also options to filter the input data by date, host, protocol, service, and so on.

Added 2003-07-10
by ronnocol
sysklogd-sql is a port of the sysklogd daemon that can log data to a MySQL database running either on the same machine or a remote database server. The SQL configuration is done in the standard syslog.conf file for easy administration and configuration. Also included is a set of sample PHP scripts to query the data from the syslog database. In a large environment, you can set up a central logging server, or configure a secure syslog environment that will make it very difficult to tamper with the syslog data.

Added 2003-07-08
by Greg A. Woods
NewSyslog is an updated version of a package put together by Theodore Tso of MIT Project Athena (which is included in NetBSD, FreeBSD, OpenBSD, etc.). This version has a mix of features from all of the other versions, and it has been made more portable than any of the others with the help of GNU Autoconf.

Added 2003-07-08
by Adam Richard
LogIDS 1.0 is my latest tool and my personal contribution to the IDS field. I think that LogIDS will change the way people view intrusion detection, and may even redefine terms like "event correlation". LogIDS 1.0 is a real-time log-analysis based intrusion detection system, or, since it can be fed with logs from other kinds of IDS, it can be seen as a mega-IDS. The graphical interface presents you with a representation of your network map, where each node (host or subnet) has its own little console window, where the logs belonging to it can eventually be displayed (depending on your rules). You get to specify the format of the log files you want to monitor, apply rules to these log files using field names you have previously defined, configure it to correspond to your environment, and that's it! Rules can display the fields you choose in the GUI, emit sounds for warnings or alerts, display icons pertaining to the actions depicted in the logs, or disregard the data if it contains nothing useful. You can use LogIDS with LogAgent as a log supplier, and monitor logs from varied sources such as, but not limited to, Event Viewer, ComLog, ADSScan, IntegCheck, LogAgent 4.0 Pro, Snort, personal firewalls, most antivirus products, Apache, and just about any other software that produces ASCII log files (with the notable exception of IIS).

Added 2003-07-08
by Adam Richard
LogAgent 4.0 Open Source is the latest version of the popular log monitoring software. It now also monitors Event Viewer logs, and you have the ability to send the output to the printer. You can also specify NULL directories for greater flexibility, and append time and date along with IP, hostname, and username. It ships with two standalone companion programs, ADSScan (an alternate data stream scanner) and the combo HashGen and Integcheck (an MD5/SHA1 file system integrity checker, or HIDS), both free and Open Source.

Added 2003-06-24
by hbo
Sudoscript is a pair of Perl scripts (sudoscriptd/sudoshell) that provide an audited root shell using sudo.

Added 2003-06-13
by Jesper Nhr
PheTail automatically tails an amavisd-new logfile for activity. Whenever relevant activity is found, it is written to a SQL database.

Log Tool
Added 2003-05-30
by A.L.Lambert
Logtool is a syslog file parser, report generator, and monitoring utility. It takes syslog (and syslog-compatible) logfiles as input from stdin and, depending on command line switches and/or config file settings, parses and filters out unwanted messages from the logfile accordingly, generating output in ANSI color, formatted ASCII, CSV (for spreadsheets), or HTML format. It is very handy for automated nightly reports and online monitoring of logfile activity. It comes with some simple example scripts and documentation.