Isoqlog is an MTA log analysis program written in C. It is designed to scan qmail, Postfix, Sendmail, and Exim logfiles and produce usage statistics in HTML for viewing through a browser. It produces a "top domains" statistic according to sender, receiver, total mails, and bytes, and keeps the main domain mail statistics, with the day's top domain and top users values, per day, per month, and per year.
Firewall Log Daemon is a program written in C that watches for ipchains or iptables log alerts in real time. The program starts a small daemon process that parses and resolves firewall logs by reading a FIFO that syslog writes to. It can queue a batch of alerts and mail them to you, or can be used in a script to crunch an existing log file or data stream. It features hostname, port, protocol, and ICMP type/code lookup, with output formatted by a user-defined template.
Advanced Web Statistics (AWStats) is a free, powerful Web server logfile analyzer (Perl script) that shows you all your Web statistics, including visits, unique visitors, pages, hits, rush hours, search engines, keywords used to find your site, robots, broken links, and more. It works with both IIS 5.0+ and Apache Web server log files as a CGI and/or from the command line. It also supports multiple languages, including English, French, Dutch, Spanish, Italian, German, Polish, and Greek.
log_analysis is a log file analysis engine that extracts relevant data for any of the recognized log messages and produces a summary that is much easier to read. It can be configured to recognize entirely new log types. log_analysis natively understands about 100 different kinds of syslog messages, as well as sulog and wtmp messages for Linux, Solaris, and OpenBSD. It also has optional continuous monitoring capabilities, with both text and GUI modes.
game control program helps you administer game servers (it's written for Q1 and Q3, but works for others). It is highly modular and therefore extensible. With the current modules, it can start/stop servers, create and rotate logfiles, allow remote administration via telnet, and kick misbehaving players automagically (according to a rule set).
Logcheck Consolidator is a utility that manages the log files from multiple computers to help you keep track of your network. It takes the logcheck e-mail from each of your systems and parses it into one piece of mail. It has a lot of built-in logic. For example, if a host does not send its hourly e-mail, the logcheck consolidator will notice this and flag it as an error at the top of the consolidated e-mail.
The ip-masq-log patch can be used on a masquerading firewall (NAT) to keep a log of all the outgoing masqueraded TCP connections. It's even possible to log the name of the user who has opened the connection. This can be a useful security tool for many small networks that are hidden by a masquerading box if users cannot be totally trusted.
The modular syslog allows for an easy implementation of input and output modules. The modules that maintain compatibility with its precursor are included in the standard distribution along with four modules: om_peo (an implementation of PEO-1 and L-PEO, two algorithmic protocols for integrity checking), om_mysql and om_pgsql (modules that send output to a MySQL and a PostgreSQL database, respectively), and om_regex (a module that allows output redirection using regular expressions).