horst is a small, lightweight IEEE802.11 wireless LAN analyzer with a text interface. Its basic function is similar to tcpdump, Wireshark or Kismet, but it?s much smaller and shows different, aggregated information which is not easily available from other tools. hot
Nagios is a host and service monitor designed to inform you of network problems before your clients, end-users or managers do. Read more hot
OpenNMS is a scalable enterprise-class network monitoring and management platform, leveraging Java, XML/XSL, C/C++, and SOAP to get the job done. Read more hot
Pandora FMS is a monitoring application to watch systems and applications, that allows to know the status of any element of your systems, watch for your hardware, software, multi-layer system and Operating System.
Read more hot
Specto is a desktop application that watches configurable events (such as website updates, emails, file and folder changes, system processes, etc) and then triggers notifications. Read more hot
addrwatch is a tool similar to arpwatch for IPv4/IPv6 and ethernet address pairing monitoring.
AggreGate Network Manager
(shareware) AggreGate Network Manager is a network/application/performance monitoring platform. It tightly integrates with other smart building management systems, such as those for physical access control, HVAC, lighting, and time/attendance control.
Aimwatch is a packet sniffer designed to reconstruct AOL Instant Messenger and ICQ information by passively collecting packets from the network.
akk@da is a simple network monitoring system designed for small and middle size computer networks. Its purpose is to quick detect system or network fault and to display information about detected problem for administrator.
Alarm Pinger is a tool which monitors various IP devices by simple ICMP echo requests.
AlarmMon is an alarm monitoring system for TCP/IP-based networks. It consists of client part called "alarm", server part called "alarmsvr" and of several agents. All parts of the system works with one central registration database.
aNTG collects and displays network traffic statistics on a Linux-ish machine.
Argo is a monitoring system for the Xen hyperviser, comprised of a network server which runs upon your Xen host and any number of clients which connect to that server over a socket.
Argus is a fixed-model Real Time Flow Monitor designed to track and report on the status and performance of all network transactions seen in a network traffic stream. Read more
Argus Monitoring System
a system and network monitoring application. It will monitor nearly anything you ask it to monitor (TCP + UDP applications, IP connectivity, SNMP OIDS, etc).
ArgusEye is a GUI for the Argus network auditing suite. It aims at supporting daily work by providing a graphical user interface for traffic analysis and configuration management.
arpalert uses ARP address monitoring to help prevent unauthorized connections on the local network.
Arphound is a tools that listens to all traffic on an ethernet network interface, and reports IP/MAC address pair, as well as events such as IP conflict, IP changes, IP addresses with no RDNS, various ARP spoofing, and packets not using the expected gateway. Reporting is done to stdout, to a specified file and/or to syslog.
ArpMonitor logs any ARP request to and from your machine or network.
ARPView is a graphical user interface module for arpalert for watching the network discovery as it happens.
arpwatch monitors mac adresses on your network and writes them into a file.
aupcheck helps to monitor NGI F4 Flat Internet connections.
AutoScan-Network is a network discovering and managing application. No configuration is required to scan your network. The main goal is to print the list of connected equipments in your network.
a network and server monitoring program. It is designed to support large, arbitrarily complex networks of computers, and stillprovide feedback in a very timely fashion
Bandmin is a simple set of perl scripts designed to record and log ip accouting data. It can also display the data that it collects in a set of html pages. Bandmin currently has support for iptables, ipchains, UserIPAcct, ipfwadm, ipf, and ipfw.
Bandwidth Monitor NG
a small and simple curses-based bandwidth monitor for Linux or other systems with /proc/net/dev or net-tools netstat
BanFromLog is a simple script to log any illegal user attempt of your SSHD daemon from the auth.log file.
Bartlby is a network and system monitor completely written in C, to provide a scaleable framework with the ability to monitor networks of various sizes. Bartbly consits of a core deamon, serveral plugins and the web-gui (php-extension).
a web based system management tool which delivers information on the status of networked systems in a simple and easy to use manner
BENIDS is a pcap-based NIDS for Linux. It uses its own XML rule file format which allows arbitrary, complex boolean matching conditions.
Benson Distributed Monitoring System
Benson Distributed Monitoring System is an automated messaging and monitoring system designed to ease the life of a network, system,and database administrator. The communication portion is implemented in CORBA (currently BOA, and MICO), and thebackend logic and functionality is perl.
BGPHist is a tool that able to get MP-BGP updates, decode it, and write to the backend storage for logging and monitoring purposes.
an SNMP-aware monitoring program consisting of a Web-based server and a monitoring agent. It runs under various Unixes and Windows
a collection of four perl scripts useful to monitor a network
Blinky Network Usage Monitor
a graphical network usage monitor for Linux and Solaris. It displays the usage of one or more network interfaces using blinking lights (as in the dial-up system tray icon in Windows)
Blitzed Open Proxy Monitor
Blitzed Open Proxy Monitor is an open-source open proxy monitor, designed for use with hybrid-based ircds, although it can be used with slight modification on any server which has +c to show connects to opers and that supports KLINEs.
bmon is a portable bandwidth monitor and rate estimator running on various operating systems. It supports various input methods for different architectures. Various output modes exist including an interactive curses interface, lightweight HTML output but also formatable ASCII output.
BOINCTail displays the status of jobs running in the BOINC environment in a 'tail-like' way. That way, one doesn't need an X server to be able to monitor (for example) setiathome, lhcathome, etc.
bsnmp-regex is a module for bsnmpd that allows the creation of SNMP counters from logs, program output, or other text data. The resulting data can then be queried or graphed with the usual SNMP tools.
Bungmeter is fork of fnetload. It's a small network graph monitor that displays a graphical representation of the the data flowing in and out of a given network interface. It's goal to be small and lightweight, yet very useful.
Bwmeas is a simple tool that continuously measures the number of packets and the number of bytes that are received in a specified time-interval. It can furthermore compute and print the average bandwidth for each such time-interval.
CaiCai is a system for monitoring whether certain hosts are dead or alive. It examines different services/aspects (DHCP, Ping test, etc), gives some stats on those and has an (user-defined) sound alarm in case something goes wrong.
a comprehensive software suite developed by CAIDA to collect and analyze data from passive Internet traffic monitors, in real time or from trace files. Realtime monitoring support includes system network interfaces (via libpcap), FreeBSD drivers for Apptel POINT (OC12 and OC3 ATM) and FORE ATM (OC3 ATM) cards, and support for Linux drivers for WAND DAG (OC3 and OC12, POS and ATM) cards
Caligare Flow Inspector
(commercial) CFI (Caligare Flow Inspector) is a tool for processing and evaluating network traffic, using network flows export statistics sent by a router. It is also a user-friendly application used for network diagnostics. It has the added ability of real time monitoring and data analysis, in which you can find and locate network traffic transmitted over the local host and local networks.
CBan displays the current traffic on the selected interface.
CBLM is a high performance latency (one-way and round-trip), packet loss and jitter monitoring probe. When run on two or more servers, a full mesh of connections is automatically setup between the probes. The full mesh of connections are used to transmit UDP packets between the probes. Statistics are collected and stored within a MySQL database.
CeMoSShE (CEntral MOnitoring in a Simple SHell Environment) is a simple, lightweight (both in size and system requirements) server monitoring package designed for secure and in-depth monitoring of a handful of typical/critical Internet systems.
Centreon is a network, system, applicative supervision and monitoring tool.
Charles Web Debugging Tool
Charles is an HTTP proxy / HTTP monitor that enables a developer to view all of the HTTP traffic between their machine and the Internet. This includes requests, responses and the HTTP headers (which contain the cookies and caching information).
check_aaccli is a plugin for Nagios which checks the hardware health of Adaptec SCSI RAID controllers. To accomplish this, you must have installed the aaccli binary (from the aacapps package). The plugin checks the error log of single disks (with S.M.A.R.T.) and the health of mirror containers.
check_db2_health is a plugin for Nagios that allows you to monitor DB2 database servers.
check_openmanage is a plugin for Nagios that checks the hardware health of Dell servers running OpenManage Server Administrator (OMSA).
check_oracle_health is a plugin for the Nagios monitoring software that allows you to monitor various metrics of an Oracle database. It includes connection time, SGA data buffer hit ratio, SGA library cache hit ratio, SGA dictionary cache hit ratio, SGA shared pool free, PGA in memory sort ratio, tablespace usage, tablespace fragmentation, tablespace I/O balance, invalid objects, and many more.
check_procs_multi is a Nagios plugin similar to check_procs able to check several processes at once.
checkmySAP is a simple and efficient Hobbit / Xymon extension to monitor remote SAP services on your network.
Checkservice is a Perl script that monitors services on remote hosts.
an extremely flexible system for monitoring trends in time-series data. Cricket was expressly developed to help network managers visualize and understand the traffic on their networks
Cyberprobe is a software-based probe, collects packets from a set of network interfaces, and any packets which match on a address map are forwarded to an endpoint in a packet-streaming protocol.
dabba is a set of distributed network monitoring tools. Its main use is to gather or scatter actions on a network such as traffic capture, replay, generation, or monitoring.
a solution for monitoring ethernet activity across many different ethernet networks. Darpwatch is based on the original arpwatch source from UCB
DB based NetFlow Collector
DB based NetFLow Collector aims to collect Cisco NetFlow data and store it to a database. It has a plugin interface, which makes it flexible for fitting in particular tasks.
dim_STAT is a performance analysis and monitoring tool for Solaris and Linux (as well all other UNIX) systems. Its main features are a Web based interface, data storage in a SQL database, several data views, interactive (Java) or static (PNG) graphs, real-time monitoring, multi-host monitoring, post analyzing, statistics integration, professional reporting with automated features, and more.
Download Monitor monitors the amount of data downloaded and uploaded over the network over time. It displays this data in easy to read graphs. The utility also allows a usage quota to be set and warns when the quota is exceeded or soon to be exceeded. It is useful for people on capped data plans.
Inspired by EtherPEG, Driftnet is a program which listens to network traffic and picks out images from TCP streams it observes. It is interesting to run it on a host which sees a lot of web traffic.
a distributed system consisting of one or more agents and one or more servers. Agents, distributed on computers over network, are monitoring the network's and hosts' state. Gained data are sent to a special server or servers in order to store them
Egglog generates statistics based on public lines, actions and user channel joins.
a protocol analyzer for ethernet networks. The program allows you to display the received frames either in an overview mode or in a frame detail mode
esniff counts net packets & writes info in berkeley db. very simple.
EtherApe is a graphical network monitor for Unix modeled after etherman. Featuring link layer, ip and TCP modes, it displays network activity graphically. Hosts and links change in size with traffic. Color coded protocols display. It supports Ethernet, FDDI, Token Ring, ISDN, PPP and SLIP devices. It can filter traffic to be shown, and can read traffic from a file as well as live from the network.
Ethereal Network Analyzer
Ethereal Network Analyzer is a utility that lets you capture and analyze network traffic.
etherpoke is a scriptable network session monitor. etherpoke defines three events to which a hook (system command) can be assigned. The event hook can be any program installed in the system.
EthStatus is a simple, easy to use program for displaying commonly needed / wanted statistics in real time about ingoing and outgoing traffic that is usually hard to find, with a simple, efficient interface.
Fallback-gw is a little script to be called via cron that checks availibility of neighbor routers using ping and activates backup routing on ping failure.
Flow Loader And Virtual Information Output
Flow Loader And Virtual Information Output is a netflow collector data grapher. It gets data from netflow collector, loads it into a MySQL database and gets it back to graph daily, weekly, monthly and yearly charts. It shows traffic splitted by ports, as well as total statistics, and generates percentile 95 information suitable for billing in burstable services.
a libpcap-based tool that collect network traffic data and emit it as NetFlow flows towards the specified collector
Ganglia Cluster Toolkit
Ganglia Cluster Toolkit is a massively scalable cluster monitoring and execution environment. Read more
gbRRDGraphix is a graphical user interface that allows one to use RRDTool commands and "flow-tools" Netflow utilities easily.
GFI Network Server Monitor
(commercial) a monitoring tool that allows administrators to monitor the network for failures or irregularities automatically. With GFI Network Server Monitor, you can identify issues and fix unexpected conditions before your users (or managers) report them to you
Gkrellfah2 (gfah) is a local monitor and interface for the Linux Folding@Home client packaged as a plugin for GkrellM. Also available is a client/server version for monitoring remote machines using GkrellMD. gfah collects status information on active work units for display and records info on completed work units in a local log file.
Gnome Network Monitor
Gnome Network Monitor is a network monitor for the GNOME desktop. It includes an overview of processes communicating on the network (similar to top for CPU load), network interface statistics, network statistics overview, and an iptables log analyzer.
Gossimon is a gossip-based distributed monitoring system for a cluster of Linux nodes. The package includes a daemon to run on every node of the cluster and client programs for obtaining and displaying information about all nodes
a bandwidth utilization viewer. It gets the bandwidth utilization information for eth0 interface from "/proc/net/dev" file in 15 seconds periods, and stores it in four data files (daily, weekly, monthly, and yearly)
GTKNetTraf is a GTK2 client for the NetTraf remote network monitor. It is designed to have a prettier and more user friendly interface than the existing Tk client, as well as providing additional features, such as the ability to monitor multiple machines simultaneously.
Hardscan is a local netstat replacement that scans for open ports the hard way: by binding to each of them and attempting to handshake with itself. It is meant to be useful in a situation where you may have been rooted, rendering the output of netstat and other security tools untrustworthy.
High Availability Port Monitor
High Availability Port Monitor (HAPM) is a local port status check. It is a simple, light and fast daemon to check TCP/UDP ports. If one or more monitored ports (per IP) downs then the Heartbeat will be killed by HAPM.
httperf is a tool for measuring web server performance. It provides a flexible facility for generating various HTTP workloads and for measuring server performance. The focus of httperf is not on implementing one particular benchmark but on providing a robust, high-performance tool that facilitates the construction of both micro and macro-level benchmarks.
httppp is a network capture analyzer which extract HTTP request response times from a previously recorded network capture file.
an interactive linux console application which shows
bandwidth consumed and total data transferred on all interfaces
Icinga is an Open Source Monitoring System based on Nagios. Icinga will be fully compatible with its predecessor, retaining all the existing Nagios features while adding new features requested by the user community.
ICMPush is a tool that send ICMP packets fully customized from command line. This release supports the ICMP error types Unreach, Parameter Problem, Redirect and Source Quench and the ICMP information types Timestamp, Address Mask Request, Information Request, Router Solicitation, Router Advertisement and Echo Request. Also supports ip-spoofing, broadcasting and other useful features. It's really a powerful program for testing and debugging TCP/IP stacks and networks.
icpld is a tool which allows you to keep track of your network connection perfomance. It will log each occasion of broken networking. It runs as a background process, and sends ICMP requests to an ip of your choice.
ifGraph is a set of perl scripts that were created to fetch data from SNMP agents and feed a RRD file (Round Robin Database) so that graphics can be created later. The graphics and the databases are created using a tool called RRDTool.
ifmonitor is a network interface traffic logger and grapher.
IFStatus was developed for Linux users that are usually in console mode. It is a simple, easy to use program for displaying commonly needed / wanted statistics in real time about ingoing and outgoing traffic of multiple network interfaces that is usually hard to find, with a simple and effecient view. It is an alternativle to the PPPStatus and EthStatus projects.
iftop is an open source utility that displays bandwidth usage on an interface by host. iftop does for network usage what top does for processor usage. This utility listens to network traffic on a named interface and displays a table of current bandwidth usage by pairs of hosts. Read more
iftopcolor is iftop with color for color enabled terminals.
a network I/O byte grapher made to graph cumulative kB/MB/GB totals for hours/days and months
IP Bandwidth Watchdog
a pcap based IP traffic monitor. It tallies per-subnet traffic and bandwidth usage and starts detailed logging if specified threshold for the specific subnet is exceeded
IP Tables State
IP Tables State implements the "state top" feature from IP Filter for IP Tables.
IP-ID allows simple name resolution in a local network without using DNS via the samba nmblookup program. It also integrates with XBMC to detect and add an xbox to known local hosts.
IPAUDIT listens to a network device in promiscuous mode, and records of every 'connection', each conversation between two ip addresses. A unique connection is determined by the ip addresses of the two machines, the protocol used between them and the port numbers (if they are communicating via udp or tcp).
a TCP/IP traffic logger. Currently, it is capable of logging TCP, UDP and ICMP traffic, though adding support for other protocols should be relatively easy. iplog contains a built-in packet filter, allowing for logging or excluding packets that fit a given set of criteria
iplogled is a logger for IP packets via keyboard LEDs. It logs ICMP, UDP, and TCP connections.
Ipmap is an IP address grapher, inspired by an xkcd comic and glTail. It reads data from standard input and maps IP/size pairs on a map. You could run this unmaintained on some display in your NOC to visualize network traffic as an eye-catcher.
IPTraf is an open source ncurses-based IP LAN monitor that generates various network statistics including TCP info, UDP counts, ICMP and OSPF information, LAN station packet, Ethernet load info, node stats, IP checksum errors, and others. Read more
IPWatch is a Linux shell script that will monitor your network connection and take corrective action when several problems happen.
isdnMonitor saves call information (number, name, connection, and duration) in a MySQL database, does inverse searches for German phone numbers, enables notifying clients via the Windows/SMB messaging service, and displays caller names on an LCD display via LCDproc.
monitors the isdnctrl device from the isdn4linux package, as of today it's capabilities are limited, it will just send all the relevant data to the clients
a simple, but often useful network security tool which displays ICMP packets and attempted TCP connections from remote hosts
jMon creates a TCP/IP connection to the jmond daemon running on each of the hosts that are to be monitored. The client displays CPU, memory and swap usage on the host machines. The amount of resources consumed is displayed as a horizontal bar, ranging between 0% and 100%. Where the terminal is capable of colour, a load between 0% and 33% is indicated in green, 33% to 66% in yellow, and 66%+ in red. With a long list of hosts on display, it is possible to scroll through the list using the cursor keys, or simply resize the window in X.
jnettop is a network traffic visualiser. Nettop captures traffic comming across the host it is running on and displays streams sorted by bandwidth they use. Result is a nice listing of communication on network by host and port, how many bytes did this communication transport and the bandwidth it is consuming. Read more
Job Monarch is an addon to the ?Ganglia Monitoring System that provides (batch) job monitoring and graphical overview of clusters and assorted batch systems.
KBMon is a bandwidth-monitor for local network devices. On three different panels you can watch the speed of the transfered and the received data, and you can see the speed of the total data on the choosen interface.
a simple ISDN monitor that attaches itself into the KDE taskbar. It displays the status of all connected ISDN devices that are known to ISDN4Linux
a monitoring tool for WaveLAN devices. It shows information such as the link quality and bit rate
a small utility designed to monitor urls, checking for changes. It docks into the KDE 2.0 panel and can also be used as a launching pad for viewing urls in your favorite browser
Limph (Limph Is Monitoring Pingable Hosts) provides both UPD and TCP port checks of grouped network hosts with email notification. Limph is completely configurable through its Web interface.
a Posix compliant application, used to monitor and react to device activity of Cisco Linksys devices
a tool for monitoring Linksys BEFSR41 and BEFSR11 firewalls under Linux and other Unix-like operating systems
ltraf is a utility to list traffic flowing through a computer's network interface.
lvs-rrd is a couple of scripts to collect
connection data from an LVS, store them in RRD files and later graph that data so that trends can be observed.
Mbrowse is an SNMP MIB browser based on GTK and net-snmp.
quietly probes a subset of the sites in a given list, writes the results in the 'state' file and generates a web page with the results. The subset contains the sites that are new, bad and/or not probed for a specified time
Monesa is a simple script for monitoring hosts trough the ICMP protocol.
MoNetAny is a general monitor applet for the gnome panel.
Monitoringplug is a collection of monitoring plugins for Nagios. This collection uses libraries like net-snmp, curl, ldns, selinux, xmlrpc-c, and expat to check services.
a general-purpose multi-environment network monitor
MONTSUQI is a small transaction monitor for Unix-like systems. It provides online processing like a mainframe, but features a more powerful user interface. It supports programming in C, COBOL, and Ruby. It has a clustering feature for heavy loads, and manages database replication.
MoSSHe (MOnitoring with SSH Environment) is a simple, a simple, lightweight (both in size and system requirements) server monitoring package designed for secure and in-depth monitoring (typically around a dozen checks per system) of a handful of remote systems, typically internet servers or similar
a complete package for network traffic accounting across the multiple routers and clients
The Multi Router Traffic Grapher (MRTG) is a tool to monitor the traffic load on network-links. MRTG generates HTML pages containing graphical images which provide a LIVE visual representation of this traffic. Check http://www.ee.ethz.ch/stats/mrtg/ for an example. MRTG is based on Perl and C and works under UNIX and Windows NT.
mrtg-select allows the flexible display of MRTG graphs, chosen by keyword and time span. Keywords are automagically detected by looking at the graphs generated by MRTG, which means there is no configuration file to update: just point the script at the directory with the graphs.
mtr combines the functionality of the 'traceroute' and 'ping' programs in a single network diagnostic tool. Read more
Nagiosgraph is an add-on for Nagios. It collects service perfdata in RRD format, and displays the resulting graphs via CGI.
Nagstamon is a Nagios status monitor with a UI that resides in the GNOME systray or on the Windows desktop. It informs you in realtime about the status of your Nagios monitored network.
a tool to monitor internet hosts` bandwidth usage in a Linux-NAT network. A daemon collects data and clients display them (currently a GTK apps with a graph, a console version and a Win32 frontend). It detects new hosts and has a nice summary statistic
NatStat is a network monitoring tool designed to help paranoid users and network administrators that want to monitor their iptables settings live. The power of NatStat is that it can monitor iptables-rules.
a remote system monitor for unix hosts.
It is a client/server-application using UDP-packets to receive the information of the hosts running the daemon and listed in the clients configuration file
NDSAD Traffic Collector
NDSAD is a software package for translating captured traffic data into the NetFlow v.5 format.
monitors network services and reports outages. Working from a discription of the network topography, nefu's algorithm prevents "false alarms" in the event of a network outage due to a dependency failure
Network pipemeter: a tool for measuring available bandwidth between hosts. nepim is also useful to generate network traffic for testing purposes.
a pair of simple perl scripts that will monitor and report on your internet connectivity
Net/FSE, Packet Analytics' network data search engine, puts the power of real time
searches over terabytes of NetFlow data in the hands of security analysts. The
network data search engine dramatically reduces exposure to significant business risk
by enabling security specialists to quickly and definitely determine the full scope of a
network security alert. Net/FSE empowers network security professionals to collect
and concentrate enterprise-wide network data, particularly NetFlow data into a
comprehensive, accessible form critical for network security analysis.
netlcdclient is a client for LCDproc. It shows network statistics from any interface listed in /proc/net/dev and will work well with 20x4 LCD displays.
a GNOME network load monitoring applet
Netlogger is a set of tools to send and receive generic information using UDP, with support for broadcast transmission. Some of the tools are scripts that rely on Ettcl and some are C programs.
a flexible and extensible network measurement tool (meter). It can be used for accounting, delay/loss measurement, packet capturing and much more. The main advantage over other existing tools is that it can be easily extended due to its modular (class-based) structure and dynamic loadable packet processing and information export modules
NetMon is a network-wide process monitor (kind of "top for networks") using GTK widgets.
A simple console based utility for monitoring data bandwidth and data totals. Has logging so data totals are not cleared on computer restart.
a tool for network monitoring, reporting, and graphing. Based on RRDTOOL, the best of open source graphing systems, NetMRG is capable of creating graphs of any parameter of your network
a network monitoring tool that represents network information via audio output
an extensible multi-connections, multi-protocol, network client program, written in pure
an application that shows you the health your internet connection through a map of your part of the Internet
NeTraMet is a network accounting meter. It builds up packet and byte counts for traffic flows, which are defined by their end-point addresses.
monitors hosts and services on your network. It has the ability to email or page you when a problem arises and when a problem is resolved. NetSaint is written in C
Netsaint Console monitor
Netsaint Console monitor is a curses-based console monitor for Netsaint. It allows you to monitor Netsaint services without the expense or availability of a GUI.
netspeed-plasmoid is a simple plasmoid that shows the current speed of a network interface and some other statistics.
netspeed_applet is a little applet that shows how much traffic occurs on a specified network device.
nettest monitors a networks connection, and takes some action if/when the connection goes down.
an application to remotely monitor a UPS (usually via SNMP) and take one or more specified actions if a condition is met
Netvisix listens on your local network interface and visualizes the network packet flow between hosts. There are also packet statistics per host available.
a dynamic program which displays the Ethernet status based each the connection's activity. It has the capability of monitoring hundreds of site statistics simultaneously
Network Equipment Performance Monitor
(commercial) a very general, highly configurable, two part software system that captures and analyzes logged performance data from IP networked equipment and reports it via e-mail and web pages
NetworkControl is a utility that allows you to control and monitor your network interfaces, including wireless ones. NetworkControl also provides the connection IP, configuration and statistics (gleaned from "ifconfig" and updated each second), and provides graphic signal levels for wireless interfaces, handy for evaluating a system of wireless devices.
NetXMS is a new and rapidly developing monitoring system, released under GPL2 license. It can be used for monitoring entire IT infrastructure, starting with SNMP-capable hardware (like switches and routers) and ending with applications on your servers.
a tool for counting network traffic by using rules. Rule can be defined by source or destenation IP address, timeranges. Accounting result may be simple counter or histogram
lets you monitor NFS requests to any given machine, or the entire local network. It mostly monitors NFS client traffic (NFS requests); it also monitors the NFS reply traffic from a server in order to measure the response time for each RPC
NINO Is Not Openview
a network management solution to monitor your network, systems and applications: integrated, one tool for all. Features: SNMP, WMI, Response time performance monitoring, graphs with zoom, 3D topology view, events, reporting using HTML templates.
nmaplr is a nmap log reporting tool which will print out a text format report of a nmap log in the XML format (by using the -oX option).
a system and network monitoring software that runs on Unix systems and can poll network and system devices. It is capable of monitoringnameservers, web ports, host performance, syslogs, radius servers, BGP peers, etc. New monitors can be added easily (via a C or Perl API)
an interpreter of a declarative rule-based language designed for construction of state and event monitoring applications. For the purpose of constructing event streams and performing rule administration, it supports authenticated and encrypted peer-to-peer communication over TCP/IP, including encrypted file transfers, store-and-forward message queues, and remote command execution
an open source TCP/IP network monitoring tool written in Perl for UNIX
Network Map Divination is a network mapping program designed to automatically discover a local network, using SNMP to identify network devices and work out how they are physically connected together.
ntop is a Unix tool that shows the network usage, similar to what the popular top Unix command does. ntop is based on libpcap. Read more
ntopng is a network probe that shows network usage in a way similar to what top does for processes. It acts as a Web server, creating an HTML dump of the network status.
ntopng, the next generation version of the original ntop, is a network traffic probe that shows the network usage, similar to what the popular top Unix command does.
Nuhe is a rule based log monitoring system, which is capable of action when rules are matched againsts log(s) activity. Default Nuhe mode is to run on background (daemon), but it can also be used in foreground and log analyzer mode. Log analyzer mode just analyzes given logs and prints results to stdout; no action is taken when Nuhe is in analyzer mode.
a graphical traffic monitor that is similar to gkrellm or xisdnload but offers additional operation parameters and display formatting options
OpMon is a network and system monitoring application based on Nagios with extended support for capacity planning, SLA, SLM, network discovery, service catalogs, report schedule, and much more. OpMon provides a GUI for Nagios as well as full multi-language support.
Opsview is a network and application monitoring tool that extends the capabilities of Nagios. Read more
primarily a network monitoring tool for content/urls and network services, but it also has some other functions such as, task list, server list, log changes for servers and a vendor list
Packit (Packet toolkit) is a network auditing tool. Its value is derived from its ability to customize, inject, monitor, and manipulate IP traffic. By allowing you to define (spoof) nearly all TCP, UDP, ICMP, IP, ARP, RARP, and Ethernet header options, Packit can be useful in testing firewalls, intrusion detection/prevention systems, port scanning, simulating network traffic, and general TCP/IP auditing. Packit is also an excellent tool for learning TCP/IP.
PACT is a software package to do complete port accounting for SNMP-manageable devices like routers, hubs, and switches.
Passive Asset Detection System: a signature based detection engine used to passively detect network assets. It is designed to complement IDS technology by providing context to IDS alerts
PagePoker is a perl package / class file that defines a browser agent with many powerful features for monitoring and testing websites, including elaborate failure handling that can send email and trigger snmp traps.
Pandora is a flexible monitoring platform. Pandora addresses current needs for improving Internet middleware and infrastructure by providing both in-depth understanding of network usage and metrics to compare existing protocols. Pandora is flexible and easy to use and deploy.
Panoptes is a scalable, extensible network and host monitoring tool. It includes a dynamic Web management interface based on the Dojo toolkit.
PaquitoMeter is a small program that shows you statistics about your network transfers. You can choose between interfaces installed in your system, your language and the maximum speed your connection supports.
an Open Source passive network application response time monitor utilising packet capture (via libpcap), tracking sessions maintaining transaction state and collecting metrics of server/network response times, segment size negotiation and TCP window size advertisements
pcap2mysql is a network decoder and file exporter which reads pcap files or sniffs traffic and stores data in a MySQL database. It supports Ethernet, ARP, STP, IP, TCP, UDP, and ICMP. The application-layer protocols it supports are BitTorrent, DNS, FTP, HTTP, IRC, Mail, MSN, palltalk, POP3, SIP, SMTP, and SSH.
penemo is a network/server monitoring app. It's design allows simple ping/http checks, SNMP polls, as well as customized checks. When an error is detected, alerts can be sent via. email, or custom scripts can be executed.
PIX Logging Architecture
The PIX Logging Architecture [PLA] is a free and open-source project allowing for correlation of Cisco PIX Firewall Traffic and IDS Logs. PIX Log message parsing is performed through the use of the PLA parsing module or PLA Msyslogd module.
pmr is a command line filter that displays the data bandwidth and total number of bytes passing through a pipe.
pNRG is a package for maintaining and visualizing network data, particularly suited for historical trend analysis of network resources. pNRG doesn't need any explicit configuration and is able to auto-discover, mantain and graph new resources (either IPv4/IPv6 end hosts, network segments, MAC addresses, Autonomous Systems, etc.) as soon as they produce a traffic footprint.
Postbix is a plugin designed to work with Zabbix Enterprise Monitor to provide multi-tiered monitoring and performance and availability reporting and measurement for PostgreSQL databases, along with server performance metrics.
pppd-logger is software to log pppd connections in a MySQL database and browse it via a GUI. It can calculate costs based on traffic price and time price.
monitors the DSL connection of a Linux kernel 2.4.4 by reading the files /proc/net/pppoe and /proc/net/dev
a simple, easy to use program for displaying commonly needed / wanted statistics in real time about ingoing and outgoing TCP/IP traffic
PyNetSim is targeting the generation of background traffic and anomaly generation for testing anomaly detection algorithms.
uses the excellent and extensive qmail logging information to provide mrtg graphing
Qmrtg is a free tool to help monitoring the activity of a qmail mailserver. It's intended to be used with MRTG. Qmrtg is modular. Each module carries out a different log analysis. A super-module lets the user easily request any analysis without to know anything about the modules themselves.
Qt Network Monitor
Qt Network Monitor is a KISS network monitor thatshows how much bandwidth you are using on a daily basis.
Quick Look is a package to collect system statistics and output pretty graphics and (X)HTML pages. It allows system administrators to have a quick look on the status of their systems, without going for a more advanced (and heavier) solution.
a real-time, interactive graphical tool for monitoring Radiator Radius servers. It features monitoring of multiple remote Radiators, graphing, statistics, error and event logging, log viewing, radiator configuration viewing and modification, and alerts for significant events
RAIDmon2 is a simple perl-script for linux to monitor DELL's PERC/4 RAID-controller with SNMP. It uses a GTK-window or STDOUT as output. Requires Perl, GTK, snmpd und the PERC-MIB.
monitors your linux raid devices (/proc/mdstat). It can send you a mail when something goes wrong, or show the current status in a window
RANCID (Really Awesome New Cisco confIg Differ) collects a router's (or device's) configuration, including software and hardware (cards, serial numbers, etc.), and uses CVS to display differences from a previous collection.
relmon is a utility for monitoring websites of software projects for new releases. It crawls websites efficiently via HTTP or HTTPS using a configurable number of simultaneous connections and can parse HTML and XHTML documents as well as RSS 2.0 and Atom feeds.
Riemann aggregates events from your servers and applications with a powerful stream processing language. Send an email for every exception in your app. Track the latency distribution of your web app. See the top processes on any host, by memory and CPU. Combine statistics from every Riak node in your cluster and forward to Graphite. Track user activity from second to second.
rrd-snort is a script that creates a graph from alerts/events stored in a Snort database in order to see distribution of "top n" attack methods.
rtop is a simple, agent-less, remote server monitoring tool that works over plain SSH. It does not need any software to be installed on the server that you want to monitor. It works by establishing an SSH session, and running commands on the remote server to collect system metrics.
RUDE stands for Real-time UDP Data Emitter and CRUDE for Collector for RUDE. RUDE is a small and flexible program that generates traffic to the network, which can be received and logged on the other side of the network with the CRUDE. Currently these programs can generate and measure only UDP traffic.
an accounting package, used for monitoring traffic on a TCP/IP network through the internal OS specific
scans a list of addresses and networks for running SSH protocol servers and their version numbers. scanssh protocol scanner supports random selection of IP addresses from large network ranges and is useful for gathering statistics on the deployment of SSH protocol servers
Scotty allows you to implement site specific network management software using high-level, string-based APIs. The software is based on the Tool Command Language which simplifies the development of portable network management scripts.
Seagull is a multi-protocol traffic generator. Especially targeted towards IMS, Seagull supports Diameter (RFC3588 and all applications) over TCP/SCTP and IPv4/IPv6 , TCAP (over SS7 or Sigtran), XCAP over HTTP and Radius.
serialdump works with a special piece of cabling in order to allow users to non-intrusively monitor an RS-232 interface using a Unix box with 2 serial ports.
SerLooK is a tool aimed to inspect and debug serial line data traffic developed in a Linux+KDE environment. It can work as a classic point-to-point serial terminal mode or as a line snooper , monitoring the data exchanged between two hosts (needs a PCs equipped with at least two serial ports and a derived cable).
Shinken is an open source Nagios like tool, redesigned and rewritten from scratch. Its main goal is to meet today?s system monitoring requirements while still allowing compatibility to Nagios.
a packet analyzer for the game Everquest
Simple Infrastructure Capacity Monitor is a tool to monitor, graph and alert the capacity of computing devices and applications. SICM runs on a Windows or Linux device on your network, 24 hours every day, constantly recording the capacity parameters of any networked device using snmp, ping or custom modules. The recorded data is stored for later reference via a user friendly menu-driven web browser. E-mail alerts are raised if a user determined number of queries fail. (GPL license)
a monitoring tool for networked computers
Skipole Network Monitor
SkipoleMonitor is a network monitor which allows the user to input host IP addresses, it then pings these hosts every five minutes and displays their status via a built-in web server, on port 8000.
Simple Monitoring Evaluating and Logging Tool: a tool created to monitor the disks in a single host or an entire network
Smokegios is a small Perl5 application that reads a Nagios configuration file and generates Smokeping configuration for all the hosts defined.
SMTP Relay Checker
an SMTP open relay checker. Supports scanning of ip blocks and can output results to a webpage
SNARLsnmp is a monitoring tool for dynamic web applications. SNARLSNMP dynamically creates and assembles URLs and scans them at arbitrary intervals, performs predefined checks on URL content, size and timing, notifies a monitoring application via traps if a predefined error condition (event) has been met and delivers a snapshot of its current tests and result at any given time.
SNMP Browser for KDE
SNMP Browser for KDE displays data from SNMP devices. It uses Net-SNMP library.
a graphical SNMP monitoring tool designed mainly for WAN surveillance. It allows the user to view the states of network trunks, routers and any other SNMP-able equipment
snmp4zabbix provides a simple SNMP interface to the Zabbix monitoring solution. This lets Zabbix monitor itself using the Simple Network Management Protocol. This is an alternate solution to the Zabbix API for integration, to some extent, with any third party software capable of understanding SNMP.
a simple program that monitors bandwidth usage on a periodic basis and sends a SNMPv2 TRAP when the data rate exceeds a certain value
a tool to monitor SNMP devices. It is based on Qt and on the Net-SNMP library. It reads from devices like routers, printers or a snmp-deamon, and displays received data graphically
to remotely watch via SNMP the size and the memory used by each process. Snmpwatch will warn you if a process exceeds its `quota' of CPU or memory, theses limits are based on process and host name
sntop is an ncurses-based top-esque console utility for monitoring the connectivity of network hosts, supporting various advanced features and released under the GPL.
software implementation of Cisco's NetFlow traffic reporting system. It operates by listening (via libpcap) on a promiscuous interface and tracking traffic flows. This information is useful for network accounting, intrusion detection and forensics
Speedometer measures and displays the rate of data across a network connection or data being stored in a file.
provides an open framework for monitoring applications using SNMP. Specifically, it enables any program which can be queried via local commands to be health-checked by OpenNMS, Tivoli, OpenView, MRTG, RRDTool and many others
SpurTracer is a push-notification based monitoring solution for heterogenous loosely coupled IT infrastructures.
SrvReport is a simple and featureful server monitoring and reporting system. It will send every day a mail with the latest state of the server including traffic, cpu, mail, http, ftp reports and other logs. It can be easily configured.
State is a suite of tools for monitoring a network of machines. You tell State how your network looks and should behave, and State warns you when things start to deviate from that rhythm. Many different aspects of a network can be monitored, from disk space and load average to machine connectivity and service availability.
Suriwire is a plugin for Wireshark that displays Suricata generated alerts for a pcap file inside the Wireshark output.
a network monitoring tool designed to provide high performance and accurate network monitoring. Currently supported protocols include SMTP, IMAP, HTTP, TCP, UDP, NNTP, and PING tests
SysOrb Network Monitoring System
performs multi-platform active, passive and SNMP-based monitoring of networked servers, devices and processes/services. SysOrb contains a built-in data repositor for holding more than 4 years of high-resolution data
TCPWatch is a utility written in Python that lets you monitor forwarded TCP connections or HTTP proxy connections. It displays the sessions in a window with a history of past connections. It is useful for developing and debugging protocol implementations and web services.
Thoth Network Integrity Assurance
Thoth Network Integrity Assurance is an open-source distributed network monitoring system.
Thumper is a file monitor that highlights services and keywords dependant on its configuration file. Its purpose is to notify the user when an attack is underway.
TorApplet is a simple GNOME applet for managing and monitoring the basic activities of the Tor daemon. Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet.
Torrus is designed to be the universal data series processing framework. It is an alternative software platform to MRTG, Cricket and Cacti. In most cases it brings more flexibility and performance.
Traffic tool Troll
Traffic tool Troll is a traffic monitoring and managing script. Traffic statistics are generated by port, hour, day, month, and year.
a small solution(3 files) for monitoring your traffic and bandwith
Various tools relating to the Simple Network Management Protocol including: An extensible agent, An SNMP library, tools to request or set information from SNMP agents, tools to generate and handle SNMP traps, a version of the unix 'netstat' command using SNMP & a Tk/perl mib browser
upnp2mrtg is a add-on for the mrtg (Multi Router Traffic Grapher). upnp2mrtg is a command line tool written in shell to gather statistics from an upnp enabled FritzBox DSL router.
designed to capture and log URLs that cross the network
Visual Raptor 7
Visual Raptor 7 is a full-featured UNIX System Administration tool and network monitoring system. Complete network status is available at a glance.
(shareware) a server-based ping engine and reporting tool designed for network administrators, Web-hosting companies, ASPs, and ISPs who need a fast, visual way to see how their service offering is running, and where problems occur
(shareware) a visual, fast, and integrated ping, whois, and traceroute program that automatically analyzes connectivity problems, displaying the results on a World map
allows you to show connected clients on WaveLAN WavePoint device and shows you signal/noise levels and statistics of lost IP packets for each connected client
a ncurses-based monitor for wireless devices. It allows you to watch the signal and noise levels, packet statistics, device configuration, and network parameters of a wireless network hardware
weblogMon is a plugin for MRTG that measures Web bandwidth utilization and hits per second.
WebMonX monitors websites for updates and changes - it saves time and always keeps you up-to-date by periodically checking these pages at set intervals.
WeWiMo (Web WiFi Monitor) is a script for monitoring computers connected to access point running Linux and hostap WiFi card driver (ZCom XI-626).
whoischk monitors a list of domains and report when there has been any change to the data reported in the whois database.
Wireshark (formerly Ethereal) is a network protocol analyzer, or "packet sniffer", that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality packet analyzer for Unix, and the most useful packet analyzer on any platform. Read more
WMND is a WindowMaker network device traffic monitoring dock app improved and based on WMiFS.
wmnet polls IP accounting rules and does a few things with the data it gets.
wmnetmon is a dockapp that monitors up to 40 hosts or services and can execute something there is a problem with any of them. The hosts and services are represented by LEDs, which blink red if they go down.
wmpload is a program to monitor ppp network device statistics.
wormulon is a program showing the current incoming/outgoing traffic in one line suitable for inclusion in the screen hardstatus line.
X Interface Monitor
X Interface Monitor monitors any network interface (most suitable, the ppp# interface) for traffic, load average, and various other statistics using purely ioctl() directly to the Linux kernel.
a X-based traffic monitoring program for Linux that displays information about IP traffic on selected interface
Xirrus Wi-Fi Monitor
The Xirrus Wi-Fi Monitor allows you to monitor your surrounding Wi-Fi environment and status of your Wi-Fi connection in real time - all directly from your desktop.
XSI is a system monitoring daemon that replies to network queries with XML-encoded system information and statistics. This data can then be analyzed, graphed or otherwise presented by a front-end. It is BSD-licensed and free for anyone to use for any purpose.
Xymon is a system for monitoring of hosts and networks, inspired by the Big Brother system. ?It collects information about the health of your computers, the applications running on them, and the network connectivity between them. Read more
Zabbix is software for application and network monitoring. Zabbix supports both polling and trapping techniques to collect data from monitored hosts. Flexible notification mechanism allows easy and quckly configure email norification for predefined events. Read more
The goal of this project is to provide better integration of syslog messages as defined in RFC 3164 and 5424 with Zabbix.
Zenoss Core is an enterprise network/systems management application that provides an integrated software package for monitoring. Zenoss provides application, server, and network management. availability, performance, events, and configuration across layers (network, servers, applications, environment, etc.) and across platforms (Linux, Windows, Unix, etc.). Zenoss Core is licensed under the GPL. Read more
ZorbipTraffic shows the IP traffic on a network interface in real time. It can display traffic statistics for each IP on your internal network, and it summarizes the total traffic for each IP per year, per month, and per day.
displays the activity of your network interfaces (eth0, eth1, etc) in an easy way. Curses based, IfaceMon will show you the activity as a bar graph