Category: Utilities » Log Management
sshtools allows you to parse your ssh logs into data that makes sense. It lets you view the number of failed logins, block the top 10 failed IP addresses, and build reports based on your logs. Currently, there are eight different options for parsing your ssh logs, and all parsing excludes your own login IP address(es), so that you can see the most important data, which is other people logging in. Plans for sshtools include real-time monitoring, real-time IP blocking, and much more.
OSSEC HIDS is an Open Source Host-based Intrusion Detection System. It performs log analysis and correlation, integrity checking, rootkit detection, time-based alerting and active response. It runs on most operating systems, including Linux, OpenBSD, FreeBSD, Solaris and Windows.
Network Equipment Performance Monitor
NEPM is a very general, highly configurable, two-part software system that monitors any type of logged data from IP networked equipment and reports it via e-mail and web pages. Current conditions and history from systems based on Windows NT/2000 and UNIX can be tracked and reported. Most major server, switch and router systems can be monitored, without running agents on the target systems. Many networks behind separate firewalls can be reported on at one central site, and hard-to-reach isolated nets can be accessed. NEPM itself is system independent and can be hosted on either a UNIX or WinNT system or a combination of these with equal ease. NEPM monitors and reports uptime, critical events such as intrusion attempts, access rates, bytes-transferred rates, and error rates of network nodes. Unique precursor event links drill down instantly to the causes of downtime, intrusion events, etc. Performance graphs highlight element throughput and error rate. Hardware and software sub-systems within nodes are tracked and reported separately but in a common format that makes direct comparison possible. True hardware uptime is reported so that hardware and software performance can be separated from that of the communications links and from each other. Summary reports and alerts aggregate a view of an entire network's status onto a single page. Reports are provided via web pages posted to a web server for instant access to results. E-mailed text alerts provide prompt notification of dangerous conditions. NEPM is managed via a browser interface, providing full local or remote control from anywhere on the network. Use NEPM to increase your network uptime, increase network security, monitor QoS and SLAs, and evaluate new equipment. Equipment monitored can be Windows or Linux/UNIX/FreeBSD servers, or any processor-based system that logs events to non-volatile storage and has a telnet/rlogin/ssh/IP stream-mode interface.
SECnology is real-time log management software that allows the user to respond effectively to rising threats in the security environment by collecting, analyzing and graphically displaying all security event information generated by multiple, heterogeneous security devices. SECnology provides a seamless picture of enterprise security, enhancing and simplifying the visibility of corporate networks.
Event Log Explorer
Event Log Explorer is free software for viewing, monitoring and analyzing events recorded in the Security, System, Application and other logs of Microsoft Windows NT/2000/XP/2003 operating systems. It extends the standard Event Viewer monitoring functionality and brings new features.
Prelude Hybrid IDS Framework
Prelude is a Hybrid IDS framework, that is, a product enabling all security applications, be they open-source or proprietary, to report to a centralized system. To achieve this, Prelude relies on the IDMEF (Intrusion Detection Message Exchange Format) IETF standard, which enables different kinds of sensors to generate events using a unique language.
LogManager is targeted to be deployed in Security Operation Centers to collect, manage and analyze log messages generated by applications and/or network equipment. It also lets third-party products correlate these log messages.
Azure Web Log
This log analyzer tells you all you want to know about your web site: What are the most popular pages and files on your site? How many visitors are there and where are they from? What browsers and operating systems do they use? What is your site's traffic? Special features: statistics for a year; separate statistics for every page or file (daily hits for the last two months, monthly hits for a year, referring site for a particular page or file); multiple site statistics support.
Basic Analysis and Security Engine (BASE)
BASE is the Basic Analysis and Security Engine. It is based on the code from the Analysis Console for Intrusion Databases (ACID) project. This application provides a web front-end to query and analyze the alerts coming from a SNORT IDS system.