Category: Utilities » Log Management
Honeynet Security Console
Honeynet Security Console is an analysis tool to view events on your personal honeynet. It gives you the power to view events from Snort, TCPDump, Firewall, Syslog and Sebek logs. It also allows you to correlate events from each of these data types to have a full grasp of the attackers' actions.
Ettercap is a network sniffer/interceptor/logger for Ethernet LANs. It supports active and passive dissection of many protocols (even ciphered ones, like SSH and HTTPS). Data injection in an established connection and filtering on the fly are also possible, keeping the connection synchronized. Many sniffing modes were implemented to give you a powerful and complete sniffing suite. Plugins are supported. It has the ability to check whether you are in a switched LAN or not, and to use OS fingerprints (active or passive) to let you know the geometry of the LAN.
Wasabi is a log monitoring program, designed to watch a log file for lines matching user-defined regular expressions and report on the matches. The regular expressions are assigned to queues which have an alert interval and a list of mail recipients. Queues can be set to send a notification as soon as there is a log line assigned to them, or to send periodic reports. Additionally, uninteresting fields in the log lines (such as PID numbers) can be masked with the standard regular ex
Running from cron at a specified interval, SnortNotify will search a Snort database for new alerts. If new alerts match a preconfigured priority level, an email will be sent to the contact. The email will include the sensor name, the signature name, and the timestamp.
LogMonitor is a log analysis console. It is 75% based on LogIDS, except for the GUI, which is a complete makeover. Instead of focusing on network location, LogMonitor presents the data in a set of floating windows grouped by application, which may be a more intuitive interface to some people. The analysis is performed by defining the fields of each log we are monitoring, and then by using these fields to define rules as to what is important data or not.
Jailkit is a set of utilities to allow quick creation of limited user accounts. It contains a safe logging daemon, shells that can restrict users and utilities for easy setup.
monit is a utility for monitoring and managing daemons or similar programs running on a Unix system. It will start specified programs if they are not running and restart programs not responding. It supports a daemon mode (poll programs at a specified interval, and start, stop, and restart programs), logging (syslog or your own logfile), configuration (with a comprehensive controlfile), runtime and TCP/IP port checking, process status, and timeout and alert notification. It provides an HTTP interface.
Zabbix is software that monitors your servers and applications. Polling and trapping techniques are both supported. It has a simple, yet very flexible notification mechanism, and a Web interface that allows quick and easy administration. It can be used for logging, monitoring, capacity planning, availability and performance measurement, and providing the latest information to a helpdesk.
mod_log_sql (formerly known as mod_log_mysql) is an Apache module that enables access logging to an SQL database. This capability can replace or coexist with Apache's regular text-file logging mechanisms. The currently supported database backend is MySQL, with PostgreSQL and others in development.
Onlinecalc summarizes your online time, transfer volume, and number of connections made to your ISP. It allows you to print out statistics concerning different date and time ranges. A CGI version of onlinecalc is also available.