Softpanorama
(slightly skeptical)
Open Source Software Educational Society
May the source be with you, but remember the KISS principle ;-)
Softpanorama Search
|
Softpanorama |
May the source be with you, but remember the KISS principle ;-)
Softpanorama Search
|
There is not that many Perl tools for log analysis (monitoring, colorizing, etc) and management. Logwatch is probably the most well know Perl log analyzer. This type of tools is covered in log monitoring page.
Perl-based log analyzer essentially represent a primitive monitoring system and are flexible enough to be used as monitoring sensors for all popular monitoring solutions. They are usually pretty extensible and can be tuned to the task in hand, the operation which is much more difficult for analyzers written in other scripting languages as system administrators usually know Perl, not rarely other scripting languages.
One type of systems that you probably should avoid are those which just expose regular expressions via Perl, providing just a capability to apply regular expression to the stream of log records (log analyzers for dummies; of log stream grep tools). Such solutions essentially hide the Perl strengths downgrading it to the version of grep and as such are not attractive to competent system administrator. They bring very little to the plate.
|
|||||||
Changes: Open Flash Chart has been integrated with Octopussy to produce better reports. The RRD Taxonomy bug has been fixed. Many minor bugfixes and improvements are included.
Logrep is a secure multi-platform tool for the collection, extraction, and presentation of information from various log files. It features HTML reports, multi-dimensional analysis, overview pages, SSH communication, and graphs, and supports 25 popular systems including Snort, Squid, Postfix, Apache, Sendmail, syslog, iptables/ipchains, xferlog, NT event logs, Firewall-1, wtmp, Oracle listener, and Pix.
Kazimir is a log analyzer. It has a complete configuration file used to describe what kind of logs (or non-regression test) to be watched or spawned and the kind of regexp to be found in them. Interesting information found in logs may be associated with "events" in a boolean and chronological way. The occurrence of events may be associated with the execution of commands.Release focus: Initial freshmeat announcement
Octopussy is a solution to manage your logs (also frequently called a SIM/SEM/SIEM Solution). Basically, it stores your logs, produces reports, and raises alerts.Release focus: Major bugfixes
Changes:
Reports in XML have been added. Logs Wizard allows you to check whether unknown logs match a Service that doesn't belong to the current Device. There is a global bugfix regarding special characters. There are bugfixes for Report Scheduler and octo_logrotate.
About:
devialog is a behavior/anomaly/signature-based syslog intrusion detection system which can detect new, unknown attacks. It fits comfortably in a heterogeneous Unix/Linux/*BSD environment at the core of a central syslog server. devialog generates its own signatures and acts upon anomalies as configured by the system administrator. In addition, devialog can function as a traditional syslog parsing utility in which known signatures trigger actions.Release focus: Minor bugfixes
Changes:
Bug fixes include better handling of lines with some special characters. A timing error was fixed within alert generation: sometimes alerts would be sent inadvertently based on the timing of a new log arriving as an alert was sent out in specific high-volume log situations. Altered signature generation creates more exact regular expressions.
LMF (Log Monitoring Framework) is a flexible log monitoring framework that allows the user to match text from log files using Perl regular expressions and capturing parentheses. An optional external command will be executed when a user-specified number of matches is found within a user-specified period. In additon to the trigger, the rule can also have a message associated with it; when the rule is triggered, that message will be logged to the LMF log file. Each rule can also have a duration associated with it; after a rule has been triggered and the duration has expired, an optional external command will be run.
Octopussy is a Perl/XML log analyzer, alerter, and reporter.
Copyright © 1996-2009 by Dr. Nikolai Bezroukov. www.softpanorama.org was created as a service to the UN Sustainable Development Networking Programme (SDNP) in the author free time. Submit comments This document is an industrial compilation designed and created exclusively for educational use and is placed under the copyright of the Open Content License(OPL). Site uses AdSense so you need to be aware of Google privacy policy. Original materials copyright belong to respective owners. Quotes are made for educational purposes only in compliance with the fair use doctrine.
Disclaimer:
Last modified: August 12, 2009