[logs] Picviz 0.3 released Sep 20 2008 09:01AM
Sebastien Tricaud (stricaud inl fr)
Picviz 'good coffee' 0.3 is *out*.
...to have a good coffee, we must filter it!

What is Picviz ?

Picviz is a parallel coordinates plotter, written to help people
finding a needle in a haystack when dealing with numerous events
on their system and struggling to maintain an acceptable level of

It is a computer security visualization program, written in C with
high performances in mind. Python bindings are available, and are
used by the Picviz Frontend that you can use to dig into your graph.

Parallel coordinates, the core visualization technique used by Picviz
allows to represent graphs in N dimensions to see correlations among
variables, making it a useful data mining software.


Everything, including download, installation instructions and
documentation, are available on the project webpage:

Beware, a new dependency was added on libpcre to allow pattern matching

Tarball file size: 1267635
Tarball MD5: 54c0107965b7ed2d777ef2e768561b5b
Tarball SHA1: f09262cd05254cb5d2d2bba837601c28d0c9e827


* Filters: data to be visualized can be filtred, just like how you
do it with tcpdump already but with a different syntax:
'show only plot > 50% on axis 2', to remove all lines not matching
the criterion

and with the pcre module, you can even perform pattern matching to
hide or show wanted data:
'show only value = "[0-9]foo.*" on axis 1'

or, select what the engine plotted:
'show only plot <= 42 on axis 1'

* DShield perl class for pcv language generation scripts (tools/) for
easy integration with dshield (have in red IP addr that match etc.)

* Penwidth property for lines: allow you to increase the line size
a="123",b="foobar" [color="red",penwidth="2.0"]

* pcv tool rewritten

* Properties managed with hash

* CSV plugin: to translate pcv files into csv
pcv -Tcsv file.pcv

* Manpage in pretty good shape

LogAnalysis mailing list
LogAnalysis (at) loganalysis (dot) org [email concealed]

[ reply ]


Privacy Statement
Copyright 2010, SecurityFocus