Moodss is a modular monitoring application, which supports operating systems (Linux, UNIX, Windows, etc.), databases (MySQL, Oracle, PostgreSQL, DB2, ODBC, etc.), networking (SNMP, Apache, etc.), and any device or process for which a module can be developed (in Tcl, Python, Perl, Java, and C). An intuitive GUI with full drag'n'drop support allows the construction of dashboards with graphs, pie charts, etc., while the thresholds functionality includes emails and user-defined scripts. Monitored data can be archived in a SQL database by both the GUI and the companion daemon, so that complete history over time can be made available from Web pages or common spreadsheet software. It can even be used for future behavior prediction or capacity planning, using the included predictor tool, based on powerful statistical methods and artificial neural networks.
nexB OpenAssets is a tool for inventorying, managing, and monitoring applications, software, hardware, networks, and generally any IT asset. It is designed so that system administrators, IT, and finance can determine what they have, how it is configured, what it is used for, and how much it is being used, so that informed decisions can be made. It complements existing network management software, integrates with a growing number of protocols and tools, and features no-agent discovery and inventory, configuration management including dependencies and correlation, monitoring, and reporting. It makes extensive and innovative use of XML, XPath, and XQuery.
Geolizer is a patch for Webalizer that uses the GeoIP library to generate faster and more reliable geographic statistics than the default DNS suffix method. It is recommended that DNS reversal be disabled on your HTTP server for improved performance and more accurate statistics. It also supports country flag pictures, can be compiled under MinGW/MSYS, and features a human-readable transfer size display.
FLoP is designed to gather alerts with payload from distributed Snort sensors on a central server and to store them in a database (PostgreSQL and MySQL are supported). On the sensor, the output is written to a process called sockserv. This process is threaded; one thread receives and buffers the alert packets, and the other thread forwards them to a central server. The output is decoupled from Snort, which can continue sniffing instead of waiting for the output plugins. At the central server, a process called servsock gathers all alerts from the remote sensors and feeds them to the database. A short description of alerts with high priority together with the database ID can be sent via email to a list of recipients.
Stager is a system for aggregating and presenting network statistics. Though tailored for using NetFlow data from the flow-tools package, it is generic and can be customized to present and process any kind of network statistics. The backend collects data with flow-tools and stores reports in a database, automatically handling the aggregation of hourly statistics into days, weeks, and months. The Web frontend presents data in tables, matrices, or plots. The reports are fully customizable, and their definitions are stored in the database.
A fail2ban lite. IPQ BDB is a netfilter userspace daemon that can block or mark IP packets according to iptables rules that issue the corresponding -j NFQUEUE, as well as a Berkeley database of bad IPv4 addresses. A log parser and a banning utility add entries to the database. An IP has to be caught a configurable number of times before being blocked. Transitions between blocked and non-blocked are faded using probabilities. A halving period governs IP rehabilitation.