ColorLogs is an output-colorizing Perl script intended to have command output piped through it to a terminal. It allows easy creation of new highlighting configurations using simple text matches, globs, or regular expressions. It works transparently even in interactive contexts with scripts that produce prompt lines and wait for user input. Patterns are provided for Ant and Maven output. This version started as a fork of v1.1 from resentment.org, but numerous improvements have been made since then.
360-FAAR (Firewall Analysis Audit and Repair) is an offline, command line, Perl firewall policy manipulation tool to filter, compare to logs, merge, translate, and output firewall commands for new policies, in Checkpoint dbedit, Cisco ASA, or ScreenOS commands. It is all contained in one file. It can read policy and logs for: Checkpoint FW1 (in odumper.csv / logexport format), Netscreen ScreenOS (in get config / syslog format), and Cisco ASA (show run / syslog format). It uses both inclusive and exclusive CIDR and text filters, permitting you to split large policies into smaller ones for virutalization at the same time as removing unused connectivity. It supports policy to log association, object translation, rulebase reordering and simplification, rule moves, and duplicate matching automatically. It allows you to seamlessly move rules to where you need them. 'print' mode creates a spreadsheet for your audit needs with one command.
log_analysis is a log file analysis engine that extracts relevant data for any of the recognised log messages and produces a summary that is much easier to read. It can be configured to recognize entirely new log types. log_analysis natively understands about 100 different kinds of syslog messages, as well as sulog and wtmp messages for Linux, Solaris, and OpenBSD. It also has optional continuous monitoring capabilities, with both text and GUI modes.
Logrep is a secure multi-platform tool for the collection, extraction, and presentation of information from various log files. It features HTML reports, multi-dimensional analysis, overview pages, SSH communication, and graphs, and supports 25 popular systems including Snort, Squid, Postfix, Apache, Sendmail, syslog, iptables/ipchains, xferlog, NT event logs, Firewall-1, wtmp, Oracle listener, and Pix.
Stager is a system for aggregating and presenting network statistics. Though tailored for using NetFlow data from the flow-tools package, it is generic and can be customized to present and process any kind of network statistics. The backend collects data with flow-tools and stores reports in a database, automatically handling the aggregation of hourly statistics into days, weeks, and months. The Web frontend presents data in tables, matrices, or plots. The reports are fully customizable, and their definitions are stored in the database.