nxlog is a modular, multi-threaded, high-performance log management solution with multi-platform support. In concept, it is similar to syslog-ng or rsyslog, but is not limited to Unix/syslog only. It can collect logs from files in various formats and receive logs from the network remotely over UDP, TCP, or TLS/SSL on all supported platforms. It supports platform-specific sources such as the Windows Eventlog, Linux kernel logs, Android device logs, local syslog, etc. Writing and reading logs to/from databases is also supported for many database servers. The collected logs can be stored into files, databases, or forwarded to a remote log server using various protocols. The old BSD Syslog and the newer IETF syslog standard (RFC 3164 and RFC 5424-5426) are fully supported by nxlog in addition to XML, JSON, CSV, GELF, and other custom formats. A key concept in nxlog is to be able to handle and preserve structured logs so there is no need to convert everything to syslog and then parse these logs again at the other side. It has powerful message filtering, log rewrite, and conversion capabilities. Using a lightweight, modular, and multi-threaded architecture which can scale, nxlog can process hundreds of thousands of events per second.
pflogx is a simple tool that exports OpenBSD packet filter logs to XML files. It reads a binary log file generated by the pf logging daemon (pflogd) and generates a human-readable XML file that other tools can process. Using an XSLT processor you can convert this XML file to any other format, such as HTML, CSV, or SQL.
NeedLock allows users to easily define directories that they want to protect and visitors who are allowed to view them. The script supports full member control, admin levels, statistics, account expiration, action logs, easy configuration, member registration setup, announcements, and many other unique features.
Impost is a network security auditing tool designed to analyze the forensics behind compromised and/or vulnerable daemons. It has two operating modes: it can either act as a honey pot and take orders from a Perl script controlling how it responds and communicates with connecting clients, or it can operate as a packet sniffer and monitor incoming data to a specified destination port supplied by the command-line arguments.
pppusage summarizes average and total transfer volumes, number of connections, and average and total online time for PPP connections. The data is collected by reading the syslog files which contain the ppp[d] messages. A database file is used to store the relevant data. Certain time ranges (that is: a year, month, or day) may be specified on the command line.
pf2x is a PHP script that takes the output of your pflog and converts it into various output formats. These output formats include plain text, XML, HTML, PDF, and MySQL INSERT statements for import into a MySQL database. It was developed and tested on OpenBSD 3.3 but should work for any system that uses PF.