The audit package contains the user-space utilities for creating audit rules, as well as for storing, searching, and generating reports from the audit records generated by the audit subsystem in the Linux 2.6 kernel and higher. It has a real-time plugin interface for event analysis and remote logging of events.
AppDynamics an application performance management solution for mission-critical Java applications. It can organize user requests and business transactions, monitor business transaction health, identify and diagnose slow requests, identify and diagnose errors, and drill down. It is built from the ground up for highly distributed service-oriented environments. It has fast root cause diagnostics at the method/class level, but creates no more than 2% overhead, even in high-volume production deployments. It can not only manage applications, but dynamically scale them in cloud and virtual environments.
LoginIDS provides functions to analyze log files from different services in order to detect unusual login behavior. The normal user behavior is learned by analyzing log files and saved in a database. Logins are analyzed by time, service, source, and destination address. If a user's login is new or considered unlikely by LoginIDS, an alert is generated. Alerts can be handled by external scripts and viewed using the log file management system Splunk and the LoginIDS App.
Nova is a software application for preventing and detecting hostile network reconnaissance (such as nmap scans). It does this by first creating the Haystack: a large collection of low interaction honeypots using an updated version of Honeyd. Finding real machines on the network becomes like finding a needle in a haystack of fake machines. Second, Nova uses machine learning algorithms to automatically detect and classify attempts at hostile reconnaissance, so there's no need to go searching manually through your honeypot's log files. It provides an easy to use Web-based interface powered by Node.js to configure itself and Honeyd instances.