ntopmg is a network probe that shows network usage in a way similar to what top does for processes. It acts as a Web server, creating an HTML dump of the network status. It sports a flow collector, an HTTP-based client interface for creating ntop-centric monitoring applications, and RRD for persistently storing traffic statistics. Its C++ core can be scripted in Lua, for changing the appearance and extending functionality.
Snort is a network intrusion detection and prevention system. It is the most widely deployed technology of its kind in the world. It performs detection using a variety of methods including rules-based detection, anomaly detection, and heuristic analysis of network traffic. Its rules language is open source and available to the public as well.
LogAnalyzer is a Web front-end for syslog and other network event data. It provides easy browsing, searching, basic analysis, and some graphics. Data is taken from databases or plain syslog text files, so LogAnalyzer does not require changes to an existing logging infrastructure. Depending on the log data present, it can process syslog messages, Windows event log entries, and some more exotic things. Its troubleshooting support enables users to quickly find solutions to problems seen in the log data. LogAnalyzer was previously called phpLogCon, and has been renamed since v3.
Check_MK is a complex addon for Nagios/Icinga and consists of three subprojects. The check and inventory system Check_MK is a general purpose Nagios plugin for retrieving data. It adopts a new approach for collecting data and obsoletes NRPE, check_by_ssh, NSClient, and check_snmp. It features a significant reduction of CPU use on the Nagios host and automatic inventory of items to be checked, and is especially useful with larger Nagios installations. "MK Livestatus" gives immediate and fast access to live and historic Nagios status data. It's a supported backend for many addons including NagVis, NagiosBP, and Thruk. "Check_MK Multisite" is a feature complete replacement for the Nagios GUI, and uses MK Livestatus as a backend. It is very fast, and supports efficient distributed monitoring.
Unattended installation of several Linux(kickstart,preseed,autoyast) and Windows(2000,XP,2003,2003R2,Vista,7,8,2008,2012). Features: inventory, software management, dhcp-ldap, dns-ldap, php-ssh, syslog-ng, rsyslog, switch managment, ldap browser, pxe manager, central cron management, license management.
360-FAAR (Firewall Analysis Audit and Repair) is an offline, command line, Perl firewall policy manipulation tool to filter, compare to logs, merge, translate, and output firewall commands for new policies, in Checkpoint dbedit, Cisco ASA, or ScreenOS commands. It is all contained in one file. It can read policy and logs for: Checkpoint FW1 (in odumper.csv / logexport format), Netscreen ScreenOS (in get config / syslog format), and Cisco ASA (show run / syslog format). It uses both inclusive and exclusive CIDR and text filters, permitting you to split large policies into smaller ones for virutalization at the same time as removing unused connectivity. It supports policy to log association, object translation, rulebase reordering and simplification, rule moves, and duplicate matching automatically. It allows you to seamlessly move rules to where you need them. 'print' mode creates a spreadsheet for your audit needs with one command.
System Configuration Collector collects and classifies most of your Unix/Linux/BSD configuration data in flat files called snapshots. This allows changes in snapshots of consecutive runs to be detected. These changes are added to a logbook, which is helpful for administrators during troubleshooting and for auditors during audits. Snapshots and logbooks are also available in HTML format. All data can be send to an SCC server, where a Web interface provides access to summaries and supports comparing snapshots of different servers and searching of all data. A WMI-based Windows client is also available.