smartmontools contains utilities that control and monitor storage devices using the Self-Monitoring, Analysis, and Reporting Technology (S.M.A.R.T.) system built into ATA and SCSI hard drives. This is used to check the reliability of the hard drive and to predict drive failures. It is meant to be an up-to-date replacement for the ucsc-smartsuite and smartsuite packages, and is derived from that code.
Cacti is a complete network graphing solution designed to harness the power of RRDTool's data storage and graphing functionality. Cacti provides a fast poller, advanced graph templating, multiple data acquisition methods, and user management features out of the box. All of this is wrapped in an intuitive, easy to use interface that makes sense for LAN-sized installations up to complex networks with hundreds of devices.
Ettercap is a network sniffer/interceptor/logger for ethernet LANs. It supports active and passive dissection of many protocols (even ciphered ones, like SSH and HTTPS). Data injection in an established connection and filtering on the fly is also possible, keeping the connection synchronized. Many sniffing modes were implemented to give you a powerful and complete sniffing suite. Plugins are supported. It has the ability to check whether you are in a switched LAN or not, and to use OS fingerprints (active or passive) to let you know the geometry of the LAN.
Zenoss is an IT infrastructure monitoring product that allows you to monitor your entire infrastructure within a single, integrated software application. Key features include: Monitors the entire stack: networks, servers, applications, services, power, environment, etc.
Zabbix is software that monitors your servers and applications. Polling and trapping techniques are both supported. It has a simple, yet very flexible notification mechanism, and a Web interface that allows quick and easy administration. It can be used for logging, monitoring, capacity planning, availability and performance measurement, and providing the latest information to a helpdesk.
Centreon is a network, system and application supervision and monitoring tool based on the most effective open source monitoring engine: Nagios. Centreon provides a new frontend and new functionalities to Nagios. It allows you to be more efficient in your network monitoring, and also allows you to make your supervision information readable by a larger range of users. Indeed, a non-technical user can now use the Centreon/Nagios pair to easily understand your network infrastructure thanks to charts and graphical representations of the gathered information. Skilled users still have access to the specific and technical information collected by Nagios.
OpenNMS is the world's first enterprise grade network management platform developed under the open source model. It consists of a community supported open-source project as well as a commercial services, training and support organization.
ScopePort is an easy to configure but powerful remote monitoring server. You can use it to monitor servers all over the web. It permanently checks system functions of servers and warns you if something goes wrong. It also provides a nice web interface that lets you have an overview of all your servers and their health.
The main target of ScopePort is to reliably monitor the health of your servers and to give you a central point to organize your network. Every function of ScopePort is designed to be as easy to maintain and set up as possible.
It is not very productive to spend hours configuring the monitoring of a new server. ScopePort will do most of it for you. You will only have to install the client and copy the automatically generated config file to the server.
A complete availability monitoring solution that ensures IT infrastructure uptime while identifying issues before they become real problems. Unifies proven open source tools - Nagios, Nmap, sendpage, PHP, Apache, MySQL and more - through PHP/AJAX-based components and an integrated user interface to deliver the extensible functionality you require.
Octopussy is a solution to manage your logs (also frequently called a SIM/SEM/SIEM Solution). Basically, it stores your logs, produces reports, and raises alerts.
Supports unattended installation of several Linux and Windows. Also a collection of scripts for inventory, deinstallation and other add-ons like dhcp-ldap, php-ssh, samhain, syslog-ng, switch management, ldap browser. All written in bash and php.
scanlogd is a TCP port scan detection tool, originally designed to illustrate various attacks an IDS developer has to deal with, for a Phrack Magazine article. Thus, unlike some of the other port scan detection tools out there, scanlogd is designed to be totally safe to use.
scanlogd supports several packet capture interfaces: the raw socket interface on Linux (which does not require any libraries), libnids, and libpcap.
iTALC is a useful and powerful didactical tool for teachers. It lets you view and control other computers in your network in several ways. It supports Linux and Windows 2000/XP (Vista support will come) and it can even be used transparently in mixed environments!
ulogd2 is a userspace logging daemon for netfilter/iptables related logging. This includes per-packet logging of security violations, per-packet logging for accounting purposes as well as per-flow logging.
Netdisco is a network management application targeted at large corporate and university networks. Data is collected into a Postgres database using SNMP and presented with a clean web interface using Mason.
Designed for moderate to large networks, configuration information and connection data for network devices are retrieved by SNMP. With Netdisco you can locate the switch port of an end-user system by IP or MAC address. Data is stored using a SQL database for scalability and speed. Layer-2 topology protocols such as CDP (Cisco Discovery Protocol) optionally provide automatic discovery of the network topology.
The network is inventoried by both device model and operating system (like IOS). Netdisco uses router ARP tables and L2 switch MAC forwarding tables to locate nodes on physical ports and track them by their IP addresses. For each node, a time-stamped history of the ports it has visited and the IP addresses it has used is maintained.
Netdisco gets all its data, including topology information, with SNMP polls and DNS queries. It does not use CLI access and has no need for privilege passwords. Security features include a wire-side Wireless Access Point (AP) locator.
The project is supported by a community of open-source developers, headed by Eric Miller, Bill Fenner, and Max Baker.
AIDE (Advanced Intrusion Detection Environment) is a free replacement for Tripwire(tm). It generates a database that can be used to check the integrity of files on a server. It uses regular expressions for determining which files get added to the database. You can use several message digest algorithms to ensure that the files have not been tampered with.
MonAMI aims to be a universal sensor framework. It can monitor many different services and send this information to any number of information systems. It does this whilst remaining easy to configure.
MonAMI has a plugin structure. This means adding different monitoring targets is easy, as is including support for different monitoring systems.
PerlIDS (CGI::IDS) is a Perl website intrusion detection system based on PHPIDS (http://php-ids.org/). It parses any hashref for possible attacks, so it does not depend on CGI.pm.
The intrusion detection is based on a set of converters that convert the request according to common techniques that are used to hide attacks. These converted strings are checked for attacks by running a filter set of currently 68 regular expressions. To make it easy to keep the filter set up to date, PerlIDS is compatible with the original XML filter set of PHPIDS, which is frequently updated.
OpenSymphony is an Open Source project dedicated to providing enterprise class J2EE applications and components. Our components aim to be specification compliant, and should work in any J2EE compliant application server.
An appender to send formatted logging event strings to a specified management host (typically, a MLM of some sort, but could also be an SNMP management console) in the form of an SNMP trap.
This appender does not attempt to provide full access to the SNMP API. In particular, use of this appender does not make an SNMP agent out of the calling application. You cannot use this appender as an interface to do SNMP GET or SET calls -- all it does is pass on your logging event as a TRAP.
This appender uses a helper class which serves as the interface to the SNMP sub-system. This class must implement the SnmpTrapSenderFacade interface. The concrete implementation class you want to use must be specified in your properties file -- see the examples below. The implementation class must provide a parameterless constructor -- this is the constructor that Log4J will use to instantiate the class using the class name in the properties file.
There are three implementation classes provided with this appender: the JoeSNMPTrapSender, the WengsoftSNMPTrapSender and the NetSnmpCommandLineTrapSender classes. If you fail to specify an implementation in your properties file, or if there is a problem finding, loading or instantiating the implementation that you do specify, the appender will fall back to using the JoeSNMPTrapSender implementation as a default.
You can and should, as your needs dictate, write your own implementation of SnmpTrapSenderFacade, using the underlying SNMP library of your choice. In this case, the implementations provided with the appender should serve as adequate examples for how this might be done.
Here's a sample of what you would need in an XML configuration file to configure this appender:
To configure an otherwise identical appender that uses a different implementation class, you would simply change the value of the "ImplementationClassName", as in the following example:
To configure the appender to use a delimited conversion pattern, to allow multiple VarBinds, you would drop the parameter from the configuration, and change the Layout class to SnmpDelimitedConversionPatternLayout. You would then need to set the appropriate parameters of the Layout class. See SnmpDelimitedConversionPatternLayout for an explanation of using multiple VarBinds.
Here's a sample of what you would need in a properties configuration file to configure this appender:
log4j.appender.TRAP_LOG=org.apache.log4j.ext.SNMPTrapAppender
log4j.appender.TRAP_LOG.ImplementationClassName=org.apache.log4j.ext.JoeSNMPTrapSender
log4j.appender.TRAP_LOG.ManagementHost=127.0.0.1
log4j.appender.TRAP_LOG.ManagementHostTrapListenPort=162
log4j.appender.TRAP_LOG.EnterpriseOID=1.3.6.1.4.1.24.0
log4j.appender.TRAP_LOG.LocalIPAddress=127.0.0.1
log4j.appender.TRAP_LOG.LocalTrapSendPort=161
log4j.appender.TRAP_LOG.GenericTrapType=6
log4j.appender.TRAP_LOG.SpecificTrapType=12345678
log4j.appender.TRAP_LOG.ApplicationTrapOID=1.3.6.1.4.1.24.12.10.22.64
log4j.appender.TRAP_LOG.CommunityString=public
log4j.appender.TRAP_LOG.ForwardStackTraceWithTrap=true
log4j.appender.TRAP_LOG.Threshold=DEBUG
log4j.appender.TRAP_LOG.layout=org.apache.log4j.PatternLayout
log4j.appender.TRAP_LOG.layout.ConversionPattern=%d,%p,[%t],[%c],%m%n
Here's an example using the properties file format that uses the delimited conversion pattern technique to allow multiple VarBinds:
log4j.appender.TRAP_LOG=org.apache.log4j.ext.SNMPTrapAppender
log4j.appender.TRAP_LOG.ImplementationClassName=org.apache.log4j.ext.JoeSNMPTrapSender
log4j.appender.TRAP_LOG.ManagementHost=127.0.0.1
log4j.appender.TRAP_LOG.ManagementHostTrapListenPort=162
log4j.appender.TRAP_LOG.EnterpriseOID=1.3.6.1.4.1.24.0
log4j.appender.TRAP_LOG.LocalIPAddress=127.0.0.1
log4j.appender.TRAP_LOG.LocalTrapSendPort=161
log4j.appender.TRAP_LOG.GenericTrapType=6
log4j.appender.TRAP_LOG.SpecificTrapType=12345678
log4j.appender.TRAP_LOG.CommunityString=public
log4j.appender.TRAP_LOG.ForwardStackTraceWithTrap=true
log4j.appender.TRAP_LOG.Threshold=DEBUG
log4j.appender.TRAP_LOG.layout=org.apache.log4j.ext.SnmpDelimitedConversionPatternLayout
log4j.appender.TRAP_LOG.layout.ValuePairDelim=/
log4j.appender.TRAP_LOG.layout.VarDelim=;
log4j.appender.TRAP_LOG.layout.ConversionPattern=%p;1.3.6.1.4.1.24.100.1/%m;1.3.6.1.4.1.24.100.2/%C{1};1.3.6.1.4.1.24.100.3
This software is based on the log4j software provided by the Apache Jakarta log4j project. This software is released under a version of the Apache license version 1.1 -- please see the LICENSE.TXT file included with this distribution for details.
Version 1.2.9.1 2001-09-29
changes ---
2001-10-03: mwm : made changes needed to support v.1.1.1 of the SNMPTrapSenderFacade
2002-09-02: mwm : changed to be compatible with Log4J v. 1.2.x
2002-10-03: mwm : Made changes, mainly in #append, to deal with the new SnmpTrapSenderFacade interface architecture.
2002-10-15: mwm: Included the SysUpTimeResolver contributed by Thomas Muller.
2002-10-15: mwm : changed the sysUpTime value to a long, to cope with the SysUpTimeResolver mechanism.
2002-12-10: mwm : minor tweaks and prettying up of code.
2003-03-21: mwm : incorporated the first cut of Matt Monks's code to use a delimited conversion pattern string to allow multiple VarBinds to be attached to the trap PDU.
2003-03-22: mwm : after reading Ceki's fine new book on Log4J, made several changes (for example, to the implementation of #close) to correct deficiencies in this class as an implementation of AppenderSkeleton. Also improved/added handling of the stack trace of the Throwable associated with the LoggingEvent, again inspired by Ceki's example in the new book.
2003-03-23: mwm : building on Matt Monks's ideas, added the SnmpDelimitedConversionPatternLayout, and used it to refactor the handling of the delimited conversion pattern case.
2003-05-24: mwm : minor changes to accommodate the change in the SnmpTrapSenderFacade interface, and added two new properties.
2003-07-05: mwm : some improvement in the exception handling of #loadImplementationClass
Author: Mark Masterson (m.masterson@computer.org), Thomas Muller (ttm@online.no), Matt Monks (Matthew.Monks@netdecisions.com)