LooperNG is an intelligent event routing daemon. Primarily used for Network Management, this application can be used to accomplish a variety of tasks related to logging and alerting such as trap forwarding/exploding, event enrichment, converting event formats (syslog->SNMP, SNMP->flatfile, syslog->Netcool), etc. It uses a system of input and output modules to interface with the event sources/sinks and a "rules file" to control the flow of the events.
Wiresoft ANA (Automated Network Agent), an Artificial Intelligence-based systems management service, automatically performs over 90% of Linux systems management tasks. It is a self-managing, self-learning system support service that provides constant maintenance and protection for Firegate Servers. ANA services include Software Updating and Integration, Intrusion Detection, Data Back-up and Disaster Recovery, Monitoring, and Alerting.
ReVirt is part of the CoVirt project, which investigated the use of virtual machines to provide security in an operating-system-independent manner, so that the security system functions independently of the guest operating system. ReVirt logs enough information to replay the entire intrusive sequence instruction-by-instruction so that the attack can be observed and documented in detail. It includes a system called BackTracker that helps system administrators understand (and thereby recover from) an intrusion, by automatically identifying potential sequences of steps that occurred in an intrusion. Starting with a single detection point (e.g., a suspicious file), BackTracker identifies files and processes that could have affected that detection point and displays chains of events in a dependency graph.
sudosh can be used as a default login shell or a filter that takes advantage of PTY devices in order to sit between the user's keyboard and a program, in this case a shell. It was designed specifically to be used in conjunction with sudo, and allows the execution of a root or application shell with logging. It is basically a VCR and will record root shell sessions and also has the ability to play back the sessions as they were originally recorded. It records all input/output, keyboard input, and timing information so that the session can be played back in the original format.
Dconf is a tool to collect a system's hardware and software configuration. It allows you to take your system configuration with you and compare systems (like nodes in a cluster) to troubleshoot hardware or software problems. It can also be configured to send out configuration changes at given intervals to a group of people, or store a new snapshot when system changes happen.
The goal of Escape-K is to provide an all-in-one platform for IT service management. This means that using a single application (the Escape-K client console), users are able to manage a computer organization of any size, from workstations and printers to servers, databases, or network devices. Escape-K follows the main guidelines recommended by ITIL. Therefore, the core of the application is the CMDB. Depending on the chosen perspective, Escape-K users can deal with incidents and problem resolution as well as server or database administration.
The sniffy project can trace/log the data of any pseudo terminal in the system. Due to the way the terminal works, such a terminal trace provides complete information about what happened on the terminal screen, and sniffy is able to display/replay this information. It consists of a kernel module able to connect/hook on the pseudo terminal, a program to display the contents of any pseudo terminal on the fly, a daemon process tracing the pseudo terminal content into a file, and a replay program to replay any stored pseudo terminal session.