Open Source Linux Log Analysis Software

The ProM Import Framework allows to extract process enactment event logs from a set of information systems. These can be exported in the MXML format, which is the standard event log data format for Process Mining analysis techniques.

Flamingo is a open-source Big Data Platform that combine a Ajax Rich Web Interface + Workflow Engine + Workflow Designer + MapReduce + Hive Editor + Pig Editor. 1. Easy Tool for big data 2. Use comfortable in Hadoop EcoSystem projects 3. Based GPL V3 License Supporting Pig IDE, Hive IDE, HDFS Browser, Scheduler, Hadoop Job Monitoring, Workflow Engine, Workflow Designer, MapReduce.

DNA is an open, flexible and extensible deep network analyzer software server and software architecture for gathering and analyzing network packets, network sessions and applications protocols, passively off enterprise class networks.

Textual data processing solution for system administrators and Web programmers. The C library allows to manipulate string lists, CGI forms, MIME data, configuration files, logs parsing, regular expressions, date/time parsing, templates rewriting etc.

FW1-Loggrabber is a command-line tool to grab logfiles from Checkpoint FW-1 remotely using Checkpoints LEA (Log Export Api), which is one part of Checkpoints OPSEC API.

LogCrawler is an ANT task for automatic testing of web applications. Using a HTTP crawler it visits all pages of a website and checks the server logfiles for errors. Use it as a "smoketest" with your CI system like CruiseControl.

The first stage of development is do write a tool to anonymize packet capture files captured with libpcap. After that we will be integrating this with tcpdump to anonymize in real-time and analyze and look for its effect on different IDS's.

Caudium WebServer is a single process multi-threaded webserver. It has a built-in pre-processing language and includes an easy to use web-based configuration interface.

An eclipse plugin providing tail in view component.

IP2Location C library enables the user to find the country, region, city, coordinates, zip code, time zone, ISP, domain name, connection type, area code, weather, MCC, MNC, mobile brand name, elevation and usage type that any IP address or hostname originates from. It has been optimized for speed and memory utilization. Developers can use the API to query all IP2Location™ binary databases for applications written in C or supporting static/dynamic library.

Provide a plugabble and configurable alternative to UNIX tools like grep, awk, tail, head, cut, sort, uniq or even some perl based scripts in a Java environment. A bit like what Apache Ant means to good old make.

Skavenger analyzes HTTP traffic logged by various Web proxies (including WebScarab and Burp) for indications of common web vulnerabilities such as XSS, CRLF injection and various kinds of information disclosure.

Using templated message formats with customisable placeholders, run in configurable sequences that can selectively reuse data between steps, must allows more intelligent testing of syslog receivers with realistic data, as well as longer soak testing and stress testing. must was created to fill a gap found when trying to stress test Splunk as real, indexable and meaningful data was needed. must will (eventually) be provided as a standalone tool that uses XML configs (for quick use and consultancy etc) and as a web-based tool (for more permanent/pretty deployment (with historical reporting and live stats). SUPPORT: The best way of contacting me is via Twitter below, NEWS: (16/Mar/15) A beta of v2 is finally released - apologies for the long delay!

AwkStatistics is a script which is used to generate statistical data for csv data by using awk. It takes two columns from the input file, one is used to identify the row(option -i) and the other one is the column where the values are taken from (option -v). The script was designed for performance engineers to be able to analyze CSV-Data on the fly and have a good possibility to automate the analysis process.

Clown is a "clustering" framework. It allows you to cluster datasets (in ARFF) format using a number of different clustering algorithms.

DBD2 inserts database records from TCP input. It is a companion project to Syslgod2 and an application in its own right. It ships with a backgrounding client for generic use. The client sends whatever information the user puts on the command-line to the back-end daemon via TCP. Upon successful transmission, the client exits. On failure, it backs off and retries until its life-time timer expires. The back-end daemon accepts data from Syslogd2 or its own client and inserts that data (and envelope information) into one or more databases using MySql client library or dbi drivers (also on SourceForge). The client needs no configuration (all input is via command-line). It is intended for hosts to make database entries without needing database client or interface code. Syslogd2 integration allows DBD2 to act as Syslogd2's database back-end for MySql and other databases supported by the dbi drivers. Original purpose was to track Linux cluster job status but other uses exist.

DataLoggin provides the raw data Database for the Dawn of Light Server Emulation Project. (www.dolserver.com)

Esyslogd is an alternative to syslogd. Esyslogd is threaded and it provide an API to get log entries, allready parsed, by TCP/IP.

G.R.E.A.T. - Google Earth Reporting Engine and Analysis Tool The Goal of this project is to create a basic IDS interface with Google Earth. Currently generates a KML file of traceroute/whois information suitable for use in Google Earth

HiLexed 2 is a dynamic hierarchical LL-parser system with integrated lexing. It features a powerful unlimited look-ahead, look-ahead compression*, dynamic rules and left-recursion*. * = Under development

Some utility classes to enhance the java.util.logging (JSR47).

Logbus-ng consists in a set of tools to aid developers perform Log Analysis in all the stages: log generation, collection, distribution, storage and analysis. It is designed specifically for Field Failure Data Analysis in critical distributed systems

This module has been written to parse *Radius Accounting* detail files. I only have copies of those generated by the *Ascend* Radius server, so I don't know if it is compatible with other Radius versions.

MakeLogic Tail is an advanced "tail -f" command with GUI. It needs JRE 5.0, hence it is 'Tail for Windows', Linux or 'Tail for Mac'. It shows the last few lines of a growing log file in real time. Provides many more easy to use features. Try it!

MySQL log analyzer and profiler. Extracts the most popular queries grouping them by their normalized form and shows the statistics for each group. Helps developers to recognize most frequently run queries to be able to optimize overall db performance.