360-FAAR (Firewall Analysis Audit and Repair) is an offline, command line, Perl firewall policy manipulation tool to filter, compare to logs, merge, translate, and output firewall commands for new policies, in Checkpoint dbedit, Cisco ASA, or ScreenOS commands. It is all contained in one file. It can read policy and logs for: Checkpoint FW1 (in odumper.csv / logexport format), Netscreen ScreenOS (in get config / syslog format), and Cisco ASA (show run / syslog format). It uses both inclusive and exclusive CIDR and text filters, permitting you to split large policies into smaller ones for virutalization at the same time as removing unused connectivity. It supports policy to log association, object translation, rulebase reordering and simplification, rule moves, and duplicate matching automatically. It allows you to seamlessly move rules to where you need them. 'print' mode creates a spreadsheet for your audit needs with one command.
LogAnalyzer is a Web front-end for syslog and other network event data. It provides easy browsing, searching, basic analysis, and some graphics. Data is taken from databases or plain syslog text files, so LogAnalyzer does not require changes to an existing logging infrastructure. Depending on the log data present, it can process syslog messages, Windows event log entries, and some more exotic things. Its troubleshooting support enables users to quickly find solutions to problems seen in the log data. LogAnalyzer was previously called phpLogCon, and has been renamed since v3.
Observium is an autodiscovering network monitoring system focused primarily on Cisco and Linux networks but includes support for a wide range of network hardware and operating systems. Observium has grown out of a lack of easy to use NMSes. It is intended to provide a more navigable interface to the health and performance of your network. Its design goals include collecting as much historical data about devices as possible, being completely autodiscovered with little or no manual intervention, and having a very intuitive interface.
PasTmon (Passive Application Response Time Monitor) passively monitors your application servers, measuring and reporting user response times, throughput and congestion. It currently works with HTTP, telnet, rlogin, rsh, FTP (control channel), SMTP, POP3, and IRC. Measurements are recorded in a PostgreSQL database and are presented graphically via a PHP Web front-end using R statistical analysis scripts to create the plots.
check_openmanage is a plugin for Nagios that checks the hardware health of Dell servers running OpenManage Server Administrator (OMSA). The plugin can be used remotely with SNMP or locally with NRPE, check_by_ssh, or similar. It checks the health of the storage subsystem, power supplies, memory modules, temperature probes, etc., and gives an alert if any of the components are faulty or operate outside normal parameters.
Nova is a software application for preventing and detecting hostile network reconnaissance (such as nmap scans). It does this by first creating the Haystack: a large collection of low interaction honeypots using an updated version of Honeyd. Finding real machines on the network becomes like finding a needle in a haystack of fake machines. Second, Nova uses machine learning algorithms to automatically detect and classify attempts at hostile reconnaissance, so there's no need to go searching manually through your honeypot's log files. It provides an easy to use Web-based interface powered by Node.js to configure itself and Honeyd instances.