The atsar command can be used to detect performance bottlenecks on Linux systems. It is similar to the sar command on other UNIX platforms. Atsar has the ability to show what is happening on the system at a given moment. It also keeps track of the past system load by maintaining history files from which information can be extracted. Statistics about the utilization of CPUs, disks and disk partitions, memory and swap, tty's, TCP/IP (v4/v6), NFS, and FTP/HTTP traffic are gathered. Most of the functionality of atsar has been incorporated in the atop project.
Spinlogs is a shell script for rotating system logs. It is configurable through a text file similar in format and featureset to the newsyslog program in FreeBSD. Any Unix system running ksh should be able to use it. There are many options defining how and when log files should be rotated, and the config file is very straightforward. Rotating log files is a pretty simple task, but some commercial platforms don't include anything better than the old "newsyslog", so this is provided as a system-independent alternative.
Installwatch is a simple utility which keeps track of which files are created and modified during the installation of a new program. It's fast and easy to use. It doesn't require a "pre-install" phase because it monitors processes while they run. Installwatch works with every dynamically linked ELF program, by intercepting system calls that cause file system alterations.
GWCC allows users to execute network utilities (ping, nslookup, traceroute), workstation commands (netstat, df, lpr), and do cool things like process grep from a single tabbed window. Command flags are highly configurable, results windows are savable and printable, and there is a System Stats tab showing you process info, current users, Apache server status, Samba status, and more.
ImSafe (Immune Security For your Enterprise) is a host-based intrusion detection tool. After a learning phase, it is able to detect changes in processes behavior, to detect buffer overflows, etc. It is implemented through a device driver (as a kernel patch) for the Linux kernel, but can also be run on other UNIX systems by using a "sensor" built upon strace.
RazorBack is a log analysis program that interfaces with the SNORT open source Intrusion Detection System to provide real time visual notification when an intrusion signature has been detected on the network. RazorBack is designed to work within the GNOME framework on Unix platforms.