pmacct is a small set of passive network monitoring tools to account, filter, classify, aggregate, and export IPv4 and IPv6 traffic. A pluggable and flexible architecture allows storing collected network data in memory tables, RDBMSs (MySQL, SQLite, PostgreSQL, BDB), and flat files, and also export via IPFIX, NetFlow, or sFlow protocols to remote collectors. pmacct features fully customizable historical data breakdown, sampling, BGP correlation, tagging, and triggers. Libpcap, ULOG, sFlow v2/v4/v5, NetFlow v1/v5/v7/v8/v9, and IPFIX are supported data capturing methods.
NodeBrain is a rule-based state and event monitoring agent. It is an interpreter of the NodeBrain command language that includes commands for rule definition, state assertion and event alerting. It can be used for system health monitoring or other applications requiring automated response to state changes and patterns of events from application logs and other sources. It supports a peer-to-peer application protocol called NBP to enable event streams between agents within a network. Peers are authenticated and communication is encrypted. Store-and-forward queues are used to tolerate network, system, and peer outages. Integration with other applications is accomplished through a command line interface (CLI). This tool is intended for developers, as construction of a monitoring application using NodeBrain is a programming activity. A programmer must develop NodeBrain event correlation rules, input commands for state and event collection, and output commands for responses as required by a specific application.
psmon is a Perl script which can be run as a stand-alone program or a fully functional background daemon, capable of logging to syslog with customisable email notification facilities. The user defines a set of rules in an Apache-style plain text configuration file. These rules describe what processes should always be running on the system, and any limitations on concurrent instances, TTL, and maximum CPU/memory usage of processes. psmon scans the UNIX process table and, using the set of rules defined in the configuration file, will respawn any dead processes, and slay or "deal with" any aggressive or illegal processes.