Picviz is a parallel coordinates plotter which enables easy scripting from various types of input (such as tcpdump, syslog, iptables logs, or Apache logs) to visualize your data and discover interesting results quickly. Its primary goal is to graph data in order to be able to quickly analyze problems and find correlations among variables. With security analysis in mind, the program has been designed to be very flexible, able to graph millions of events.
Tags: Logging, Networking, Security, Forensics
Implementation: C, Perl, Python
Release Notes: This version separates Picviz into four modules: library, CLI, GUI, and parsers. Notable changes include on-the-fly axis reordering and Picviz GUI improvements from GSoC, including brushing, zooming, etc. libevent has been removed in favor of libev. Other additions include layers, frequency filtering, a settable maximum value for an axis, and more.
Release Notes: New types: Enum, Ln, and Port. New properties: bgcolor and print. The color property has been improved. Real-time mode has been added.
Release Notes: CSV to Picviz. A Heatline rendering plugin. Relative as an axis property. Learning mode. A Cairo output plugin. Resolution can be changed on the fly. Multiple condition filtering. More parsers have been written.
Release Notes: Data to draw can now be filtered. There is a DShield Perl class for pcv language generation scripts (tools/) for easy integration with dshield (IP addresses that match are displayed in red, etc.). There is a Penwidth property to increase line size. The pcv tool has been rewritten. A CSV plugin has been added.
No changes have been submitted for this release.