The Webalizer is a fast, free web server log file analysis program. It produces highly detailed, easily configurable usage reports in HTML format, for viewing with a standard web browser. Read more hot
The alscan tool is used to extract data from web server access logs. It creates a report based upon the contents of the logs and the options specified on the command-line.
a package whose goal is to facilitate the interpretation of logs/reports produced by Amanda
Amms is a high-performance traffic accounting system. It is primarily designed for squid, but easy adaptable for others.
Andatool displays in realtime how often one or more regular expressions match with what scrolls-by in a logfile. That way you can see quickly, for example, what firewall-rules get triggered most.
AWFFull is a Web server log analysis program, forked from Webalizer. It adds a number of new features and improvements, such as extended frontpage history, resizable graphs, and a few more pie charts.
Advanced Web Statistics is a free tool that generates advanced web (but also ftp or mail) server access statistics graphically. This log analyzer works as a CGI or from command line and shows you all possible information your log contains, in few graphical web pages. Read more
AWStats MultiSite Summary
AWStats MultiSite Summary is an extension to AWStats' user interface which summarizes multiple sites in a clear and compact way on a per month and user basis. It was build for small and medium service providers for centralized AWStats analysis and reports.
Big Brother Log Analyzer
a package comprised of two components: a logger, which logs all accesses to selected web pages, and a log analyzer, which nicely formats the logs into an HTML page
parses Squid and NetCache Native Logfiles and generates reports about Peak-usage, Request-Methods, Status- report of incoming and outgoing requests, second and Top- level destinations, content-types and performance
(free for non-commercial use) an event-driven data storage program used to maintain persistent time-sequence data sets derived from process data. It features absolute, relative, and time-based deadbanding of data, as well as a query facility suitable for generating graphs and tabular output for other analytical programs
CCZE is a C port of RASZi's colorize, with a set of bug fixes and enhancements. It uses PCRE to do the matching, and NCurses for the output.
Clichart is intended for quick summarization and visualization of data, especially from system logs. It provides tools to extract and manipulate tabular summary data from text files, and to generate and view simple charts from tabular data on the command line. Charts can be displayed in a window and/or saved.
colorize.pl is a Perl script to colorize your system, Squid, Apache, oops, xfer, and many other logs with file, version, address, URL, email, user, service, etc. catch routines.
reads a trace file containing hexadecimal pointer values like 0x94f41a2 and colours them. Each pointer value gets its own colour, so you can see at a glance which values are the same
DGLog is a log analyzer for the Dan's Guardian Web monitoring software. It supports the opening of compressed and uncompressed log files, exporting to text, HTML, and XML, and several other features.
used to generate binary configuration files for DOCSIS-compliant cable modems. DOCSIS stands for Data over Cable Service Interface Specification and is a standard developed by Cablelabs
Drossellog is a log file analyzer for Apache's combined log files. It parses them as a CLI script and displays the data with a nice Rails interface.
Epylog is a syslog parser which runs periodically, looks at your logs, processes some of the entries in order to present them in a more comprehensible format, and then mails you the output.
Free-SA is tool for statistical analysis of daemons' log files, similar to SARG. Its main advantages over SARG are improved speed, more support for reports, and W3C compliance of generated HTML/CSS reports. It can be used to help control traffic usage, to control Internet access security policies, to investigate security incidents, to evaluate server efficiency, and to detect troubles with configuration.
a Perl script used to analyze the last log. It can spit out information regarding how many times a user has logged in as well as what days, terminals, hours, and months are most popular for logins. In addition, it can sort this information alphabetically or ascending or descending by number of logins. It can even generate simple graphs
a freeware integrated WWW and FTP log reporting tool. Its primary inspiration was the wwwstat program
Ftree is an X-windows program to store and display family tree genealogy information.
a shell script that parses and summarizes firewall logfiles
a generic, all purpose, flexible summarizer for Checkpoint's Firewall-1 logs. It has been implemented using standard Perl 5 and is freely available under GPL
a realtime, colored logviewer for netfilter (and more)
fwlogwatch is an ipchains packet filter log analyzer with text and html summary output, interactive incident report generator and realtime anomaly response capability.
a log parser and reporting tool for IPTables. It generates daily and monthy summaries of the log files, allowing the admin to free up substantial time, maintain better control over security of the network, and reduce unnoticed attacks
a general statistics generator. It takes any textfile and commandline parameters very similar to the 'cut'-command. That way, one can generate statistics on almost any textfile
Gktail is a log viewer, which display the file you want in a themable window. Gktail is written in C with the Glib/Gdk/Gtk and Imlib Libraries.
glogg is a multi-platform GUI application to browse and search through long or complex log files.
a log parsing/presentation program written for OpenBSD's PF logs. The main script, "hatchet", should be run every 5 minutes, or as often as you wish. Depending on the size of your logfiles versus the speed of your machine, you may wish to tweak how often it runs
(commercial) a log analyzer for web servers. It analyzes the logfile of a web server and creates a comprehensive summary report from the information found there. http-analyze has been optimized to process large logfiles
a perl script that generates a statistical summary of the contents of an Apache access log and either prints the summary or sends it, via mail, to somebody
httplog is a replacement for Apache's 'rotatelogs' and Andrew Ford's 'chronolog'. It allows you to specify a logfile using strftime paramaters in the filename to act as a template.
httpsum is a highly configurable log file analyzer that lets you filter and summarize Web hits.
Human readable Glassfish Log
Human readable Glassfish Log is a utility that shows a human readable tail of the Glassfish or Sun Application Server server.log. It hides all cryptic non-informational messages and colorizes and tails the log.
a little tool to log the throughput of a Traverse Technologies NetJet ISDN router under Linux
a log analyzer for Intranets where all the pages and workstations (PCs) are known entities. It is tailored for the widely used Apache web browser and has been tested on versions 1.3.3 and 1.3.6 running on Linux (RedHat & Suse) and Solaris 2.6
IPFW grapher displays a graphical overview of bytes going through your IPFW rules and a piled overview of the percentage on which rule it passed.
IPTables log analyzer
IPTables log analyzer displays Linux 2.4 iptables logs (rejected, acepted, masqueraded packets...) in a nice HTML page. Read more
IPTables Queue LOGger: produces clean, easy to understand and (optionally) colorized logs of the packets that were sent to the user space using the QUEUE target of iptables
Isoqlog is an MTA log analysis program written in C. It designed to scan qmail, postfix, sendmail and exim logfile and produce usage statistics in HTML format for viewing through a browser. It produces Top domains output according to Sender, Receiver, Total mails and bytes; it keeps your main domain mail statistics with regard to Days Top Domain, Top Users values for per day, per month and years.
a log analyser and statistical generator for the game Counter-Strike. It is capable of processing the logs, using alias files, and outputting the statistics in an easy to read html format. It is written entirely in standard C++
jdresolve is a log resolver in Perl that is fast and recursive.
Kazimir is a log analyzer. It has a complete configuration file used to describe what kind of logs (or non-regression test) to be watched or spawned and the kind of regexp to be found in them. Interesting information found in logs may be associated with "events" in a boolean and chronological way.
a useful utility for you who uses 'kppp'or 'gnome-ppp' to connect to your ISP
LightSquid is a light log analyzer for the squid proxy. It features a small size (~45k) and a fast parser.
allows you to capture the log files from Linksys firewalls/routers. It has been extensively tested with the BEFSR41 but should also work with the BEFSR11, BEFSR81 and probably any of the other BEFSR family of routers
lla is an LDAP Logfile Analyser, it generates statistics.
Log Mine is a tool that produces reports on usage patterns on your Web site. You can dynamically generate various reports without having to parse the log files all over again. The tool is geared more towards generating comparative charts rather than hit counts.
a command line program that will parse ASCII logfiles into a more palatable format. It will take anything resembling a syslog or multilog file (this includes syslog-ng, and probably most of the other variants out there), and crunch it into: ANSI, ASCII, CSV, HTML and RAW
goes through several different kinds of logs (currently syslog, wtmp, and sulog), over some period (defaults to yesterday). It strips out the date and PID, and throws away certain entries. Then it tries each entry against a list of perl regular expressions
LogDistiller is a log files merge and sort tool. It reads log files, parses them into structured log events with attributes, then classifies them according to rules configured in an XML file. Classification results go into reports, which are published according to the rule configuration: simply stored in a file, sent by mail, or even added in a news feed. Some log parsers are included for syslog, Weblogic, simple line logs, Oracle alerts, and others. Log file parsing is designed to be easy to extend.
greps kernel logfiles on ipchains firewall log entries and features the ability to filter against given entries (date, IP, port, ..)
LogHack is a logfile analyzer for NetHack. It produces many different statistics sorted by Score, MaxLevel, DeathLevel, HitPoints, MaxHp, DeathsCount, latest entry, age, and top reasons for End.
LogJack is a free utility for analyzing webserver logs and keeping live statistics updated on dynamic web pages. It's primary purpose is to generate data for hit counters on pages and files on websites, although it also generates reports on webserver usage.
LogScanner reads messages from syslog or any other logging program via a pipe, analyzes the messages with the PCRE library, and sends email to the administrator about any errors or violations.
LogSplitter is a log handler for Apache that combines the features of rotatelogs, splitlog, and (in part) cronolog. It can process all of your virtual host logs with a single instance of the program, while keeping the benefits of having separate log files that don't need further splitting.
logsurfer is designed to monitor any text-based logfiles on your system in realtime.
logtop displays real-time count of strings received in standard input.
lumberjack is an open-source project to update and enhance the event log architecture.
a modular log analysis program that can be used to monitor a web site's performance. MagicStats offers three levels of customization possibilities, depending on how deep you want to get into the system
managelogs is a log processing utility primarily intended to be used in conjunction with Apache's piped logfile feature. It is an alternative to the well know rotatelogs and cronolog programs.
a small C program which merges and sorts http log files in 'Common Log Format' from web servers behind round-robin DNS
MODular LOGfile ANalyzer: a modular logfile analyzer which supports the extended logfile format, common logfile format and Wu-FTP logfiles
mreport reads a sendmail log file and summarizes email utilization by the size and number of emails sent.
Mudpit is an intelligent, modular and reliable spool processor for Snort's unified format.
NewSyslog is a highly configurable program for managing and archiving log files.
nfsstats.pl is a NFS sub agent for the Net-SNMP snmpd daemon. It allows Linux NFS statistics (both client and server) to be made available as SNMP values. This makes them graphable by tools such as MRTG, Cacti, Ganglia etc etc.
OpenStats is an advanced open source platform for providing web traffic analysis. It can parse through thousands of rows of log data and provide you with the most relevant information within a matter of minutes.
OpenWebStats is a php stats application that reads apache log files and imports the data to a mysql db. Then you have a awstats style reporting tool so you can review stats on demand from the database. Stats updates are available through cronjobs or through the web interface.
Python All-purpose Log Export and Transfer Application
Petit is a general purpose tool that can do hashing, word counts, and command line graphing of Apache and syslog files.
written in PHP5 and is meant to parse AWStats logfiles and store them in a database for simplified reading and displaying. The main goal is to display the stats customized using templates on your webpage or on customer interfaces
pyprof is a wrapper around python's profile module for easily profiling python scripts without having to specify the whole path to them if they are in $PATH, and with command line arg configurable behaviors.
PySquiLA is a Squid Log Analyzer written in Python. It parses and dumps Squid's access.log into the database, basic error checking.
qdologs archives and processes qmail-generated mail logs.
qflog is a tool for displaying log messages which is built on top of a Java library qflib. It can be used to conveniently browse log messages, searching for those that may be of relevance to some problem.
uses the Qmail-Scanner Logfile to generate daily, monthly, and yearly statistics. It also shows a complete list of viruses stopped by Qmail-Scanner, the top five domains from which the viruses came, as well as the countries
a RADIUS (Remote Authentication Dial In User Services) accounting log analysis package. Livingston, MERIT and Ascend RADIUS log formats are supported
a command line program which is intended as an intelligent incremental logfile reader. It will read a file or group of files given on the command line, and output any changes since last time it read the file(s) in question
a Generic Logfile Manipulator that offers file rotation and other customization
Reptor is a utility program written in Perl, intended to aid in the analysis of Raptor Firewall logfiles. It can generate traffic summaries and alert messages based on customizable conditions.
a powerful BASH script to archive/rotate system logs. It have almost all features of RedHat's logrotate, adding some others
RRDtool (Round Robin Database tool) is a system to store and display time-series data (e.g. network bandwidth, machine-room temperature, server load average, or even the height of surfing waves on La Jolla Shores). It stores the data in a very compact way, aggregating at stepwise coarser granularity as it archives further back in time, so as to maintain manageable archive size, RRDtool presents useful graphs by processing the data to enforce a certain data density. RRDtool can be used either via simple wrapper scripts (from shell or Perl) or via user-friendly frontends that poll network devices.
Squid Analysis Report Generator is a tool that allow you to view "where" your users are going to on the Internet.
ScanErrLog is a Python module that allows people to parse Apache error_log files from one of different possible sources (filename, stdin, python file object), and present their datas in decreasing number of occurences of error messages.
scanSquidLog quickly finds URLs in squid log files.
The purpose of this program is to scan the logfiles created by ulog-acctd, which is available separately here. It then creates a number of graphs, which are put in a directory where they can usually be viewed through a Webserv or whatever means you prefer.
an Apache Web Server log parser and HTML report generator written in Python
Simple Event Correlator is a tool that combines logfile monitoring with event correlation facilities. Read more
SEOlizer is an application that generates Web pages of analysis from Web server log files (Apache, etc). The analysis contains information useful for search engine optimization purposes. It is based on the Webalizer code.
a simple frontend for the unix seti@home client. It's a ncurses program that presents the data in a more presentable manner
analyze the logs of your website, and send you a report detailing every visit of the logfile, and summarizing the number of bookmarks, the most important referrers, and the most visited page of the period
generates statistics from the output of syslog
snort-rep is a Snort reporting tool that can produce text or HTML output from a syslog file.
a powerful perl script that summarize snort logs making an easy view of what attacks are being seen through your network
a Linux software package for use in software development on the Motorola MC68HC908GP32 microcontroller with a SPGMR08/ICD08GP20 serial programmer unit
Squid-Graph is a free squid logfile analysis tool distributed under GNU General Public Licence. It generates reports in the form of an ASCII graph, and then writes the data to STDOUT.
a squid traffic analyser, designed to allow per-user scrutiny and analysis of squid logfiles
squidsites is a tool that parses Squid access log file (usually /usr/local/squid/logs/access.log) and generates a report of the most visited sites, sorting by hit count or by bytes count. It has a GPL license.
squij is a Python script to analyse and help tune refresh_patterns in Squid (1.x and 2.x) configurations for freshness and efficiency.
a Squid Report Generator featuring PHP Output with built in authentication hooks, fast processing and detailed reporting
an syslogd's realtime parser and event handler. Event is a message from some service. It uses much simplified plugin system to add event handlers. Syslog2 written in Perl
System log colorizer
a text colorizer. It prints out some useful information by filtering and colorizing data (for example syslog files)
(free for non-commercial use) gathers information from the Cascade DataHub and stores it in an ASCII formatted file on disk
a log analyzer. In general notation it is a event counter per timeframe - in short frquency monitor. If it detects too high event rate, utility notifies about it
ULW processes custom Apache logs and reports hits based on combinations of URL, user agent, and remote IP address.
a flexible web-based analysis and reporting tool for firewall logs saved in a database using the ULOGD target of the linux netfilter project. It supports both postgresql and mysql databases
Yet Another Apache Log Analyser: parses webserver-logfiles and generates very detailed statistics
Yet Another Sendmail Logfile Analyzer is a reporting tool for sendmail logfiles. It gives you an overview of your mail traffic with some statistics:
overview of messages transfers, some average values,
top lists of message numbers, sizes etc. top lists of supposed spammers, status messages, relay hosts and mailers.
Zorbstats is a simple Web statistics generator like BigBrotherWebstats but using PHP and MySQL.