Isoqlog is an MTA log analysis program written in C. It is designed to scan qmail, Postfix, Sendmail, and Exim logfiles and produce usage statistics in HTML for viewing through a browser. It produces a "top domains" statistic according to sender, receiver, total mails, and bytes, and keeps the main domain mail statistics with regard to day's top domain, and top users values for per day, per month, and per year.
Lire is a pluggable log analyzer. It has analyzers for over 25 log file formats, ranging from Apache WWW log files to iptables firewall logs and CUPS printing logs. Reports are generated in 9 different output formats, ranging from Excel 95 to PDF to HTML, optionally with included graphs.
Sawmill is a log analysis tool which can be used to analyze Web site traffic, proxy usage, ftp usage, and much more. Major features include a persistent database for long-term tracking of statistics, hierarchical data mining features, and many security features appropriate for use in a multi-user environment.
pppusage summarizes average and total transfer volumes, number of connections, and average and total online time for PPP connections. The data is collected by reading the syslog files which contain the ppp[d] messages. A database file is used to store the relevant data. Certain time ranges (that is: a year, month, or day) may be specified on the command line.
ProviderTool Internet server administration program with email protection. The software is divided into a subcomponent Admin Tool, Customer Tool, and a Reseller Tool. Each subcomponent tool manages a separate zone that is setup for the specific needs of your administrator, end user, and reseller. If you have a Red Hat, SuSE, or Debian Internet or intranet server, you will be able to add, delete, and change settings and users with just a couple of clicks. ProviderTool is delivered with a separate Apache and PHP server environment. There is also an email protection tool included.
Impost is a network security auditing tool designed to analyze the forensics behind compromised and/or vulnerable daemons. There are two different kinds of operating modes; it can either act as a honey pot and take orders from a Perl script controlling how it responds and communicates with connecting clients, or it can operate as a packet sniffer and monitor incoming data to specified destination port supplied by the command-line arguments.