
Collect events from many computers on a network in one place




Related Projects

maltrail - Malicious traffic detection system

Maltrail is a malicious traffic detection system, utilizing publicly available (black)lists containing malicious and/or generally suspicious trails, along with static trails compiled from various AV reports and custom user defined lists, where trail can be anything from domain name (e.g. zvpprsensinaix.com for Banjori malware), URL (e.g. for known malicious executable), IP address (e.g. for known attacker) or HTTP User-Agent header value (e.g. sqlmap for automatic SQL injection and database takeover tool). Also, it uses (optional) advanced heuristic mechanisms that can help in discovery of unknown threats (e.g. new malware). Maltrail is based on the Traffic -> Sensor <-> Server <-> Client architecture. Sensor(s) is a standalone component running on the monitoring node (e.g. Linux platform connected passively to the SPAN/mirroring port or transparently inline on a Linux bridge) or at the standalone machine (e.g. Honeypot) where it "monitors" the passing Traffic for blacklisted items/trails (i.e. domain names, URLs and/or IPs). In case of a positive match, it sends the event details to the (central) Server where they are being stored inside the appropriate logging directory (i.e. LOG_DIR described in the Configuration section). If Sensor is being run on the same machine as Server (default configuration), logs are stored directly into the local logging directory. Otherwise, they are being sent via UDP messages to the remote server (i.e. LOG_SERVER described in the Configuration section).

Zenoss - Open Source IT Management

Zenoss Core is an open source IT monitoring product that delivers the functionality to effectively manage the configuration, health, performance of networks, servers and applications through a single, integrated software package.

Monitoring Infrastructure

The Monitoring Infrastructure (MIS) is a toolkit for software developers. It provides a generic solution for monitoring events in applications and for graphical representation of those events in a Web Browser using SVG.

pyinotify - Monitoring filesystems events with inotify on Linux.

Monitoring filesystems events with inotify on Linux.

Cyphon - Incident Management and Response Platform

Cyphon eliminates the headaches of incident management by streamlining a multitude of related tasks through a single platform. It receives, processes and triages events to provide an all-encompassing solution for your analytic workflow — aggregating data, bundling and prioritizing alerts, and empowering analysts to investigate and document incidents.

Enterprise Monitoring, Windows Systems

Centrally monitor event logs, no agents needed; send alerts to different people on different events; integrated with ticket tracking system; forward events to syslogd; archive events into MySQL/MSSQL; web interface to search for events.

Sguil - The Analyst Console for Network Security Monitoring

Sguil (pronounced sgweel) is built by network security analysts for network security analysts. Sguil's main component is an intuitive GUI that provides access to realtime events, session data, and raw packet captures. Sguil facilitates the practice of Network Security Monitoring and event driven analysis.

OSSEC - Host-based Intrusion Detection System

OSSEC is a full platform to monitor and control your systems. It mixes together all the aspects of HIDS (host-based intrusion detection), log monitoring and SIM/SIEM together in a simple, powerful and open source solution.


OpenNMS is the world's first enterprise grade network management platform developed under the open source model. A Java/XML-based Distributed Network & Systems Management platform.

SB EventLog Monitor

SB EventLog Monitor monitors and consolidates Windows EventLogs. Events are collected from servers using VBS and WMI or by a Windows agent. Events are parsed using PHP and YOUR rules and are stored in a MySQL database. Email alerts are supported.


SmartWatcher is a simple Windows service designed to watch specific directories and take specific actions on file events: Create, Change, Rename, Delete.

Riemann - Monitors Distributed Systems

Riemann monitors distributed systems. It aggregates events from your servers and applications with a powerful stream processing language. Send an email for every exception raised by your code. Track the latency distribution of your web app. See the top processes on any host, by memory and CPU. Combine statistics from every Riak node in your cluster and forward to Graphite.

flower - Real-time monitor and web admin for Celery distributed task queue

Flower is a web-based tool for monitoring and administrating Celery clusters. The Flower API lets you manage the cluster via a REST API, call tasks and receive task events in real time via WebSockets.

PumpkinDB - Event Sourcing Database Engine

PumpkinDB is an event sourcing database engine that doesn't overwrite data. Its features include immutable key/value storage, ACID transactions, binary keys and values (allows any encoding to be used: JSON, XML, Protobuf, Cap'n Proto, etc.), an embedded programming language (PumpkinScript), and a range of event indexing and querying primitives.


ExoGraph is a graph library that leverages type information to optimize graph operations and notifications. The library exposes type-level events for object initialization, property retrieval, property path changes, and custom domain events within a graph context. C#

good - hapi process monitoring

good is a hapi plugin to monitor and report on a variety of hapi server events as well as ops information from the host machine. It listens for events emitted by hapi server instances and pushes standardized events to a collection of streams. See the Reporter Interface section of the API documentation on how to configure reporters.

XNA Toolkit

Toolkit of Components, Services, Wrappers, and Utilities for use in your XNA game. Currently provides a Stationary and First Person Camera component, Input service and component, Audio wrapper, and EventLogger (Windows Only). Weapon inventory, menu system, and performance tr...

Apache Metron - Real-time Big Data Security

Metron integrates a variety of open source big data technologies in order to offer a centralized tool for security monitoring and analysis. Metron provides capabilities for log aggregation, full packet capture indexing, storage, advanced behavioral analytics and data enrichment, while applying the most current threat intelligence information to security telemetry within a single platform.

riemann - A network event stream processing system, in Clojure.

Riemann aggregates events from your servers and applications with a powerful stream processing language.


MONARTIS is a MONitoring Application for Real-Time Industrial Systems. It allows the developer of real-time applications to monitor major RTOS kernel events as well as user events. It is possible to perform post-processing simulation.