Lire is a pluggable log analyzer. It has analyzers for over 25 log file formats, ranging from Apache WWW log files to iptables firewall logs and CUPS printing logs. Reports are generated in 9 different output formats, ranging from Excel 95 to PDF to HTML, optionally with included graphs.
bandwidthd tracks usage of TCP/IP network subnets and builds HTML files with graphs to display network utilization. Charts are built by individual IP to show their utilization over 2, 8, 45, and 400 day periods. It color codes HTTP, HTTPS, TCP, UDP, ICMP, VPN, and P2P traffic. Unlike MRTG, it tracks each individual IP address and subnets, not the status of any particular link. Static mode is fast and easy to set up and has few dependencies. Database mode supports filtering by subnet, multiple sensors, custom reports and intervals, and can process thousands of IPs efficiently. Network utilization can be logged in CDF or a backend database.
screen-scraper is a tool for extracting data from Web sites. It works much like a database that provides access to the information of the Web. It provides a graphical interface allowing you to designate URLs, data elements to be extracted, and scripting logic to traverse pages and work with scraped data. Once these items have been created, screen-scraper can be invoked from external languages such as .NET, Java, PHP, and Active Server Pages. It can be scheduled to scrape information at periodic intervals, and can automatically write extracted data to CSV files.
The libstatgrab library provides an easy-to-use interface for accessing system statistics and information. Available statistics include CPU, Load, Memory, Swap, Disk I/O, and Network I/O. It was developed to work on Linux, FreeBSD, and Solaris. The package also includes two tools: saidar provides a curses-based interface for viewing live system statistics, and statgrab is a sysctl-like interface to the statistics.
AutoScan is an application designed to explore and manage your network. Entire subnets can be scanned simultaneously without human intervention. It features OS detection, automatic network discovery, a port scanner, a Nessus client, a Samba share browser, and the ability to save the network state.
Jmx4Perl provides an alternate way of accessing Java JEE Server management interfaces that are based on JMX (Java Management Extensions). It is an agent-based approach where a small Web application deployed on the application server provides HTTP/JSON-based access to JMX MBeans registered within the application server. It is set up from a handful of Perl modules, which can be integrated seamlessly in your own programs. It also includes a Nagios plugin, check_jmx4perl, a jmx4perl command line tool for remote JMX queries and operations, and a readline-based JMX shell, j4psh, with context-sensitive command completion and syntax highlighting.
Snortalog is a powerful Perl script that summarizes Snort logs, making it easy to view any network attacks detected by Snort. It can generate charts in HTML, PDF, and text output. It works with all versions of Snort, and can analyze logs in three formats: syslog, fast, and full snort alerts. Moreover, it is able to summarize other logs like CheckPoint, Netfilter, IPFilter, Packet Filter, Cisco PIX/ASA, NetScreen, TippingPoint, and Lucent BRICK in a similar way.
FTimes is a system baselining and evidence collection tool. Its primary purpose is to gather and/or develop topographical information and attributes about specified directories and files in a manner conducive to intrusion and forensic analysis. It was designed to support the following initiatives: content integrity monitoring, incident response, intrusion analysis, and computer forensics.