The goal of JavaMelody is to monitor Java or Java EE application servers in QA and production environments. It is a tool to measure and calculate statistics on the real operation of an application depending on the usage of the application by users. JavaMelody is easy to integrate in most applications. JavaMelody is mainly based on charts and statistics of requests, such as memory, CPU, HTTP, EJB, Spring, Guice, JSP, JSF, Struts, or SQL requests.
bmon is a portable bandwidth monitor and rate estimator. It supports various input methods for different architectures. Various output modes exist, including an interactive curses interface, lightweight HTML output, and simple ASCII output. Statistics may be distributed over a network using multicast or unicast and collected at some point to generate a summary of statistics for a set of nodes.
fireparse is an ADMLogger plugin that emails a report of all packets that have been logged by the kernel's packet filtering subsystem (iptables/netfilter or ipchains). The report includes source and destination ports, direction, logged packet count, matched rule, and fully resolved host names (if available). The email report can be formatted to plain text or a colored HTML table.
conntrack-tools is a set of userspace tools for Linux that allow system administrators to interact with the Connection Tracking System, the module which provides stateful packet inspection for iptables. It includes the userspace daemon conntrackd and the commandline interface conntrack.
tcptrack is a packet sniffer, which passively watches for connections on a specified network interface, tracks their states, and lists them in a manner similar to the Unix 'top' command. It displays source and destination addresses and ports, connection state, idle time, and bandwidth usage.
trend is a general-purpose, efficient trend graph for "live" data. Data is read in ASCII format from a file or continuously from a FIFO, and is played in real-time into a multi-pass trend (much like a CRT oscilloscope or a strip chart). trend can be used as a rapid analysis tool for progressive or time-based data series together with trivial scripting.
Logcheck parses system logs and generates email reports based on anomalies. Anomolies can be defined by users with 'violations' files. It differentiates between 'Active System Attacks', 'Security Violations', and 'Unusual Activity', and is smart enough to remember where in the log it stopped processing to improve efficiency. It can also warn when log files shrink, and does not report errors when they are rotated.
httpry is a specialized packet sniffer designed for displaying and logging HTTP traffic. It is not intended to perform analysis itself, but instead to capture, parse, and log the traffic for later analysis. It can be run in real-time displaying the live traffic on the wire, or as a daemon process that logs to an output file. It is written to be as lightweight and flexible as possible, so that it can be easily adaptable to different applications. It does not display the raw HTTP data transferred, but instead focuses on parsing and displaying the request/response line along with associated header fields.
Snortalog is a powerful Perl script that summarizes Snort logs, making it easy to view any network attacks detected by Snort. It can generate charts in HTML, PDF, and text output. It works with all versions of Snort, and can analyze logs in three formats: syslog, fast, and full snort alerts. Moreover, it is able to summarize other logs like CheckPoint, Netfilter, IPFilter, Packet Filter, Cisco PIX/ASA, NetScreen, TippingPoint, and Lucent BRICK in a similar way.