Firewall Log Daemon is a program written in C which will watch for ipchains or iptables log alerts in realtime. The program will start a small daemon process that parses and resolves firewall logs by reading a FIFO that syslog writes to. It can queue a batch of alerts and mail them to you, or can be used in a script to crunch an existing log file or data stream. It features hostname, port, protocol, and ICMP type/code lookup, with output formatted by a user-defined template.
logsurfer is a log checking/auditing tool similar to swatch and logcheck but with the capability of handling multi-line messages and dynamically adapting the ruleset. It is written in portable C, well documented, fast, and flexible. It works on any textfile or stdin, can be run at intervals or continuously, and has timeouts and resource limits.
NewSyslog is an updated version of a package put together by Theodore Tso of MIT Project Athena (which is included in NetBSD, FreeBSD, OpenBSD, etc.). It manages the rotation and archiving of log files (primarily those written to by syslogd). This version has a mix of features from all of the other versions, and it has been made more portable than any of the others with the help of GNU Autoconf.