Internet - Log Analysis
Live instructor-led online Log Analysis training courses are delivered using an interactive remote desktop!
During the course each participant will be able to perform Log Analysis exercises on their remote desktop provided by Qwikcourse.
Select among the courses listed in the category that really interests you.
If you are interested in learning a course under this category, click the "Book" button and purchase the course. Select your preferred schedule at least 5 days ahead. You will receive an email confirmation and we will communicate with the trainer of your selected course.
AWStats Log Analyzer
AWStats is a free, powerful and featureful server logfile analyzer that shows you all your Web/Mail/FTP statistics including visits, unique visitors, pages, hits, rush hours, OS, browsers, search engines, keywords, robot visits, broken links and more.
Sarg - Squid Analysis Report Generator is a tool that allows you to view "where" your users are going on the Internet. Sarg generates HTML reports with information about users, IP addresses, bytes, sites and times.
DenyHosts is a Python program that automatically blocks SSH attacks by adding entries to /etc/hosts.deny. DenyHosts will also inform Linux administrators about offending hosts, attacked users and suspicious logins.
Free Syslog Server for Windows with a graphical user interface
Visual Syslog Server for Windows is a free open source program to receive and view syslog messages. Useful when setting up routers and systems based on Unix/Linux. Visual Syslog Server for Windows has a live messages view: switches to a new received message. Helpful color highlighting. Useful message filtering. Customizable notification and actions.
swatchdog.pl started out as swatch, the "simple watchdog" for activity monitoring log files produced by UNIX's syslog facility. It has since been evolving into a utility that can monitor just about any type of log. The name has been changed to satisfy a request made by the old Swiss watch company.
Squid Analyzer parses Squid proxy access log and reports general statistics about hits, bytes, users, networks, top URLs, and top second level domains. Statistic reports are oriented toward user and bandwidth control.
Open Source SIEM
OSSIM, AlienVault’s Open Source Security Information and Event Management (SIEM) product, provides event collection, normalization and correlation. For more advanced functionality, AlienVault Unified Security Management (USM) builds on OSSIM with these additional capabilities:
* Log management
* Advanced threat detection with a continuously updated library of pre-built correlation rules
* Actionable threat intelligence updates from AlienVault Labs Security Research Team
* Rich analytics dashboards and data visualization
Log analyser for Squid access.log
Screen squid is a web-based interface for viewing reports based on Squid proxy server log files. It offers more than 50 reports, accessible from a web browser. No extra files, only a DB. All reports are generated "on-the-fly". There is also a personal cabinet for each user/group.
Sendmail log Analyzer is a tool to monitor sendmail usage and generate HTML and graph reports. It reports all you ever wanted to know about email traffic on your network. You can also use it in an ISP environment with per-domain and per-mailbox reports.
Simple Event Correlator (SEC) is a lightweight event correlator for network management, log file monitoring, security management, fraud detection, and other tasks which involve event correlation.
ISC dhcpd leases usage analysis
This is dhcpd-pools, for ISC dhcp shared network and pool range usage analysis. The purpose of the command is to count the usage ratio of each IP range and shared network pool which ISC dhcpd is in control of. Users of the command are most likely ISPs and other organizations that have a large IP space. The program is written in C. The design goal is to get analysis done quickly where there is lots of data. On a cheap laptop the speed of analysis is roughly 100k leases per second. The number of ranges, or shared networks, does not make any significant difference in getting analysis done.
Free-SA is a report generating tool for web, proxy and mail log files
Free-SA is a log processor and report generating tool. It can be used to control traffic usage, to evaluate conformance to Internet access security policies, to investigate security incidents, to evaluate web server efficiency and to detect troubles with server configuration.
[ set status to abandon - volunteers welcome ] The postfix-logwatch / amavis-logwatch log analyzers produce summaries, reports and statistics regarding the operation of postfix and amavis. Use standalone, or as a filter module for the open source logwatch utility.
AfterGlow is a script which facilitates the process of generating link graphs from CSV input. AfterGlow is written in Perl and generates output that can be read by GraphViz, Gephi, etc.
Workflow Designer, Hive Editor, Pig Editor, File System Browser
Flamingo is an open-source Big Data Platform that combines an Ajax Rich Web Interface + Workflow Engine + Workflow Designer + MapReduce + Hive Editor + Pig Editor.
1. Easy tool for big data
2. Comfortable to use in Hadoop EcoSystem projects
3. Based on the GPL V3 License
Supports Pig IDE, Hive IDE, HDFS Browser, Scheduler, Hadoop Job Monitoring, Workflow Engine, Workflow Designer, MapReduce.
An HTTP server that forwards all traffic to another HTTP server. All replies are forwarded back to its client. This allows the user to diagnose all HTTP traffic sent between the client and the actual server.
IPLClient is part of a Client-Server technology for IPLocation and visualization. It will manage log-file transfer and handle data delivered by the IPLServer for proper visualization. Modules and plugins may be applied to the client.
A powerful tool for analysing application server logs (websphere, websphere portal, j2ee, custom) in a cluster (or not). It can analyse any log format thanks to a parser plugin approach. You can easily develop your own parser in Java (for jboss, bea,.
Command line client interface for LOGalyze 4
Command line LOGalyze client. logalyze-cli is a powerful command line client for managing LOGalyze engine. With LOGalyze application log analyzer, you can collect your log data from any device, analyze, normalize and parse them.
Loghog was designed to take a proactive stance on snort output. It supports multilog processing and is optimized for high volume traffic. LogHog responds to events by conducting actions such as email and blocking
LogViewer is an MS Windows .NET application that displays logging data. It's like the Unix 'tail'. It can read a file or listen on a TCP socket. Use regular expressions to hide, rewrite or colorize lines of a log. Have a look at the Screenshots section.
Logbus-ng consists of a set of tools to help developers perform Log Analysis in all stages: log generation, collection, distribution, storage and analysis. It is designed specifically for Field Failure Data Analysis in critical distributed systems
MRTG Traffic Utilization (mrtgtu) is a simple PHP script that reads your MRTG log files and will display the total amount of traffic for a given time period. Output is in easy-to-read HTML and fully customizable via CSS.
This useful GUI script helps you monitor your limited Internet access over GPRS, EDGE, UMTS, etc. It supports three types of connection: limited, packet of traffic, unlimited.
NetMate Meter is a flexible and extensible tool for network measurement. It can be used for accounting, delay/loss measurement, packet capturing. It supports dynamic loadable packet processing and data export modules and a flexible packet classifier.
“Instead of remembering a sequence of characters as the secret, users have to remember a shape as the secret.”
Php Log Analyzer (aka PLA) is a Log Analysis tool for Apache. There are lots of log analyzers available on the internet, but most of them have their own ways of storing data. PLA is a tool to analyze log files and store results in MySQL databases.
lla is an LDAP Logfile Analyser; it generates statistics. At this moment only NS 4.11 logfiles have been tested. You're on your own if you want to analyse other types of logfiles. But feel free to give feedback on your experiments and contribute patches to t
This utility color-codes log files or console output from JBoss, WebLogic, WebSphere, and DAS application servers. Output originating from ATG is also recognized and colored appropriately. This utility greatly aids in reading and interpreting log fil
GoAccess is a real-time Apache web log analyzer and interactive viewer that runs in a terminal and provides fast and valuable HTTP statistics for system administrators that require a visual report on the fly.
System for Web usage mining and data warehouse: it allows the discovery of knowledge from data (KDD) regarding users' usage on the Web (such as unique visitors, sessions, transactions) and organise it in a RDBMS (currently PostgreSQL). Written in C++.
redWall is a bootable CD-ROM Firewall with Snort, snortsam, dansguardian and support for fwbuilder, spamassassin, reporting (using ACID/sarg/ntop/webfwlog), VPN (FreeSWan/PoPToP/Openvpn) and mail alerting (by mail). Configs are stored on a Floppy or USB
Qmail-Scanner Statistics (QSS) uses the Qmail-Scanner Logfile to generate daily, monthly, and yearly statistics. It also shows a complete list of viruses stopped by Qmail-Scanner, the top five domains from which the viruses came, as well as the countries
This program runs on the XP/2000/NT platform using the Microsoft .NET Framework and Microsoft SAPI speech / voice engine. It monitors an unlimited number of files on local or remote filesystems for changes and then speaks the content
Squeezer is a multi-dimensional logfile analyzer for the Squid web cache server. It measures transfer speed from Squid, source servers and other caches and gives information useful for tuning Squid and a web cache hierarchy or mesh.
Hadoop, Hbase, HBase Web Client, Flume based log analytics system
Syoncloud Logs enables you to process log files from various applications using Hadoop, Flume and HBase. It has an easy installation and configuration interface. It has the Syoncloud HBase web client, which displays a tree of HBase tables and column families linked to a paginated grid of data.
Java-based tunnel: Logging outgoing HTTP requests. Reveals username/passwords/any posted unencrypted form data. Can be extended as a session hijacker for ethical hacking & implementing corporate surveillance policies. Alsoat
PHPIDS-based Security Log Analyzer for Apache
Check out the successor at: Web Forensik is a script that uses PHPIDS to automatically scan your HTTPD logfiles for attacks against web applications.
A web-based system for reporting on web server log files. Uses a Postgres DB and Java servlets. Uses a web server and Java runner of your choosing. (Originally written for Apache / Servletexec.) Allows custom reports. Timing of reports and
WikiBlame is a PHP-based tool that helps you find out when a certain phrase was inserted into an article in a MediaWiki
XpoLog Log Server is a distributed cross platform log collection and archiving solution. The log management server will receive Syslog and will be compatible with XpoLog Center for the log viewer, log search engine, reports and analytics.
Uses Python to parse a Privoxy log in CLF format, refers to the WOT ratings of each site, and then dumps the data into a SQLite database for statistics generation later.
Calculates the cost of the internet connection (PPP). Subpackages: pppcounter (saves the time of the connection; tool library for cost calculation; a cost calculator and config file generator for the console); pppcost (GUI frontend for pppcounter: Gnome1, Gnome2)
A monitor for search engine crawlers
Crawlitor is a tool for monitoring how search engine bots are crawling your website. It will help you detect and fix crawling errors and that will finally improve your rankings and make bots such as google like your website more. This tool will be similar to Google Webmaster Tools but will give you more features and control over all search engine robots from one place, because it will be hosted on your webserver. The development will be done using PHP, MySQL, and Yii Framework and crawling data will be extracted from Apache Logs. There are plans for the future to support other databases and web servers.
IPLServer is part of a client/server technology for ip location. It is queried from IPLClient or other clients and delivers data like latitude, longitude, country and city.
Panoptis plans to create a network security tool (N-IDS) to detect and block DoS and DDoS attacks. The programming language is C++, and the input is being provided by routers.
ipac is an IP accounting package for Linux. It collects, summarizes and nicely displays IP accounting data. The output of ipac can be a simple ASCII table or graph images.
log2web is software intended to expose the logs generated by log4j on a simple web page. The objective is to have an online log viewing tool to replace a "tail -f", plus some other benefits.
ModLogAn is a modular logfile analyzer which is able to generate reports based on 15 different input formats from various sections (http, ftp, mail, firewall, isdn, ...). As a special feature it can combine multiple input files from clustered servers.
Netmon is a simple program for monitoring bandwidth and data usage on Linux machines. It is useful for those with a broadband connection who pay for their data or have download limits.
A multi-platform universal log collector and forwarder
NXLog is a modular, multi-threaded, high-performance log management solution with multi-platform support. In concept it is similar to syslog-ng or rsyslog but is not limited to unix/syslog only. It can collect logs from files in various formats and receive logs from the network remotely over UDP, TCP or TLS/SSL. It supports platform-specific sources such as the Windows Eventlog, Linux kernel logs, Android logs, local syslog etc. Writing and reading logs to/from databases is also supported. The collected logs can be stored into files, databases or forwarded to a remote log server using various protocols. The old BSD Syslog and the newer IETF syslog standard are fully supported by NXLog in addition to Snare, XML, JSON, GELF, KVP, CSV and custom formats. A key concept in NXLog is to be able to handle and preserve structured logs. No need to convert everything to syslog and parse these logs again at the other side. It has powerful message filtering, log rewrite and conversion capabilities.
pmGraph is an application for graphical network monitoring. It draws graphs of network traffic (recorded by pmacct) broken down by local and remote host and port. It is part of Aptivate's Bandwidth Management Tools suite.
A Java based web server log file analyzer. Gives you detailed knowledge of what your visitors did whilst visiting your site. Provides information on human visitors, searches, search engines, site areas, pages, visit paths and more...
Sgrep (sorted grep) is a much faster alternative to traditional Unix grep when searching large files, because sgrep searches sorted input files using a fast binary search to find matching lines.
Monitor your internet connection
Lightweight Windows service that monitors your internet connection, with a simple GUI to check the status and uptime of your connection. This software pings several reliable servers (totally configurable) to check if your internet connection is up.
AVirCAP is a system for manual and / or automated detection of CodeRed and Nimda type of hack attempts and virtually all other kinds of "logable" intrusion attempts. It can work stand alone or together with other additional AVirCAP machines in the LAN/W
Alfred, OpenSource Internet Software, is a collection of utilities that bring Quota support to SQUID. Alfred has been used in a large high school for several years now, and is working without a hitch.
PERL script and required environment to easily use the Afterglow software (Copyright (c) 2006 Raffael Marty) by listing the packet captures to visualize or by specifying a directory that contains the packet captures.
A console application written in .NET to parse Internet History files. The target .NET framework is v2.0 and up, so this should work with all Windows systems from XP to 7. It has been tested on Vista and 7 so far.
In the field of Log Analysis, learning from live instructor-led and hands-on training courses makes a big difference compared with watching video learning materials. Participants must maintain focus and interact with the trainer for questions and concerns. In Qwikcourse, trainers and participants use DaDesktop, a cloud desktop environment designed for instructors and students who wish to carry out interactive, hands-on training from distant physical locations.
For now, there are tremendous work opportunities in various IT fields. Most of the courses in Log Analysis are a great source of IT learning with hands-on training and experience, which could be a great contribution to your portfolio.