EventLogger

  •        75

Collect events from many computers in network in one place

http://eventlogger.codeplex.com/

Tags
Implementation
License
Platform

   




Related Projects

maltrail - Malicious traffic detection system


Maltrail is a malicious traffic detection system, utilizing publicly available (black)lists containing malicious and/or generally suspicious trails, along with static trails compiled from various AV reports and custom user defined lists, where trail can be anything from domain name (e.g. zvpprsensinaix.com for Banjori malware), URL (e.g. http://109.162.38.120/harsh02.exe for known malicious executable), IP address (e.g. 185.130.5.231 for known attacker) or HTTP User-Agent header value (e.g. sqlmap for automatic SQL injection and database takeover tool). Also, it uses (optional) advanced heuristic mechanisms that can help in discovery of unknown threats (e.g. new malware). Maltrail is based on the Traffic -> Sensor <-> Server <-> Client architecture. Sensor(s) is a standalone component running on the monitoring node (e.g. Linux platform connected passively to the SPAN/mirroring port or transparently inline on a Linux bridge) or at the standalone machine (e.g. Honeypot) where it "monitors" the passing Traffic for blacklisted items/trails (i.e. domain names, URLs and/or IPs). In case of a positive match, it sends the event details to the (central) Server where they are being stored inside the appropriate logging directory (i.e. LOG_DIR described in the Configuration section). If Sensor is being run on the same machine as Server (default configuration), logs are stored directly into the local logging directory. Otherwise, they are being sent via UDP messages to the remote server (i.e. LOG_SERVER described in the Configuration section).

Zenoss - Open Source IT Management


Zenoss Core is an open source IT monitoring product that delivers the functionality to effectively manage the configuration, health, performance of networks, servers and applications through a single, integrated software package.

pyinotify - Monitoring filesystems events with inotify on Linux.


Monitoring filesystems events with inotify on Linux.

Cyphon - Incident Management and Response Platform


Cyphon eliminates the headaches of incident management by streamlining a multitude of related tasks through a single platform. It receives, processes and triages events to provide an all-encompassing solution for your analytic workflow — aggregating data, bundling and prioritizing alerts, and empowering analysts to investigate and document incidents.

automatron - Infrastructure monitoring framework turning DevOps runbooks into automated actions


Automatron is a framework for creating self-healing infrastructure. Simply put, it detects system events & takes action to correct them. The goal of Automatron is to allow users to automate the execution of common tasks performed during system events. These tasks can be as simple as sending an email to as complicated as restarting services across multiple hosts.


Monitoring Infrastructure


The Monitoring Infrastructure (MIS) is a toolkit for software developers. It provides a generic solution for monitoring events in applications and for graphical representation of those events in a Web Browser using SVG.

Enterprise Monitoring, Windows Systems


Centrally monitor eventlogs, no agents needed; Send alerts to different people on different events; Integrated with ticket tracking system; Forward events to syslogd; Archive events into MYSQL/MSSQL; Web interface to search for events;

Sguil - The Analyst Console for Network Security Monitoring


Sguil (pronounced sgweel) is built by network security analysts for network security analysts. Sguil's main component is an intuitive GUI that provides access to realtime events, session data, and raw packet captures. Sguil facilitates the practice of Network Security Monitoring and event driven analysis.

OSSEC - Host-based Intrusion Detection System


OSSEC is a full platform to monitor and control your systems. It mixes together all the aspects of HIDS (host-based intrusion detection), log monitoring and SIM/SIEM together in a simple, powerful and open source solution.

OpenNMS


OpenNMS is the world's first enterprise grade network management platform developed under the open source model. A Java/XML-based Distributed Network & Systems Management platform.

SB EventLog Monitor


SB EventLog Monitor is monitoring and consolidating Windows EventLogs. Events are collected from server using VBS and WMI or by Windows agent. Events are parsed using PHP and YOUR rules and are stored in MySQL database. Email alerts are supported.

SmartWatcher


SmartWatcher is a simple windows service designed to watch a specific directories and taking specific actions to: Create - Change - Rename - Delete files events

flower - Real-time monitor and web admin for Celery distributed task queue


Flower is a web based tool for monitoring and administrating Celery clusters. Flower API enables to manage the cluster via REST API, call tasks and receive task events in real-time via WebSockets.

sysmon-config - Sysmon configuration file template with default high-quality event tracing


This is a Microsoft Sysinternals Sysmon configuration file template with default high-quality event tracing. The file provided should function as a great starting point for system change monitoring in a self-contained package. This configuration and results should give you a good idea of what's possible for Sysmon. Note that this does not track things like authentication and other Windows events that are also vital for incident investigation.

Riemann - Monitors Distributed Systems


Riemann monitors distributed systems. It aggregates events from your servers and applications with a powerful stream processing language. Send an email for every exception raised by your code. Track the latency distribution of your web app. See the top processes on any host, by memory and CPU. Combine statistics from every Riak node in your cluster and forward to Graphite.

PumpkinDB - Event Sourcing Database Engine


PumpkinDB is a event sourcing database engine that doesn't overwrite data. It features include Immutable key/value storage, ACID transactions, Binary keys and values (allows any encoding to be used: JSON, XML, Protobuf, Cap'n Proto, etc.), An embedded programming language (PumpkinScript), A range of event indexing and querying primitives.

huginn - Create agents that monitor and act on your behalf. Your agents are standing by!


Huginn is a system for building agents that perform automated tasks for you online. They can read the web, watch for events, and take actions on your behalf. Huginn's Agents create and consume events, propagating them along a directed graph. Think of it as a hackable version of IFTTT or Zapier on your own server. You always know who has your data. You do. Join us in our Gitter room to discuss the project.

influxdb - Scalable datastore for metrics, events, and real-time analytics


InfluxDB is an open source time series database with no external dependencies. It's useful for recording metrics, events, and performing analytics. If you're feeling adventurous and want to contribute to InfluxDB, see our contributing doc for info on how to make feature requests, build from source, and run tests.

ExoGraph


ExoGraph is a graph library that leverages type information to optimize graph operations and notifications. The library exposes type-level events for object initialization, property retrieval, property path changes, and custom domain events within a graph context. C#

good - hapi process monitoring


good is a hapi plugin to monitor and report on a variety of hapi server events as well as ops information from the host machine. It listens for events emitted by hapi server instances and pushes standardized events to a collection of streams.See the Reporter Interface section of the API documentation on how to configure reporters.