IDEA is an architecture for implementing a distributed intrusion detection system on a computer network. It provides a way to incorporate many different IDS sensors into an architecture, and have them report to a central IDS server. This server collects, aggregates, and correlates data from the sensors, providing a unified view of network activity. By specifying an open API, many different clients can connect to the IDEA server and "subscribe" to the event notification service so that the client will be notified any time a new alert is received from any of the sensors.
pf2x is a PHP script that takes the output of your pflog and converts it into several output formats: plain text, XML, HTML, PDF, and MySQL INSERT statements for import into a MySQL database. It was developed and tested on OpenBSD 3.3 but should work on any system that uses PF.
Sprog is a graphical tool that anyone can use to build programs by plugging parts together. In Sprog jargon, the parts are known as 'gears' and they are assembled to make a 'machine'. Gears are selected from a palette and dragged onto the Sprog workbench, where they can be connected together. Options can be set using a properties dialog on each gear. When assembly is complete, the machine can be run, reconfigured, or re-run.
PIX Logging Architecture is a project allowing for correlation of Cisco PIX Firewall traffic, IDS, and informational logs. It parses Cisco PIX logs from syslog files, then pushes the parsed data to a database. It contains a Web-based front end for displaying and searching the Cisco PIX Firewall logs.
The ProM Import Framework allows you to extract process enactment event logs from a set of information systems. These can be exported in the MXML format, which is the standard event log data format for Process Mining analysis techniques. Process Mining is a family of a-posteriori analysis techniques to extract abstract information from process enactment logs. More in-depth information about the area of process mining is available at processmining.org.
Web Statistics Montage is a tool that compiles statistics from multiple Web sites and sends them to you in an easy-to-read, easy-to-compare format. It gathers statistics including search engine spider activity, the PageRank of each of your sites, the unique visitors to your site over the last three months, the keywords used to get to your site since the last report was generated, and much more. It requires that you have a Web hosting account that uses the cPanel control panel with AWStats installed.
ProM is an extensible framework that supports a wide variety of process mining techniques in the form of plug-ins. Plug-ins currently support the import of and the conversion between several process modelling languages, including Petri nets (PNML, TPN), EPCs/EPKs (Aris graph format, EPML), and YAWL. Mining, analysis, and log filtering plug-ins are also available.