Performance Co-Pilot (PCP) is a framework and set of services for supporting system-level performance monitoring and performance management. It provides a unifying abstraction for all of the interesting performance data in a system, and allows client applications to easily retrieve and process any subset of that data using a single API. A client-server architecture allows multiple clients to monitor the same host, and a single client to monitor multiple hosts. Archive logging and replay are integrated so that a client application can use the same API to process real-time data from a host or historical data from an archive.
GoAccess is a real-time Web log analyzer and interactive viewer for almost every Web server. It runs in a terminal and provides fast and valuable HTTP statistics for system administrators that require log monitoring and visual reports on the fly. GoAccess can monitor unique visitors, browsers, spiders, OS, hosts and IP geolocation, keyphrases, referring sites, status codes, etc. It has support for IPv6 and it parses nearly any Web log format.
LogAnalyzer is a Web front-end for syslog and other network event data. It provides easy browsing, searching, basic analysis, and some graphics. Data is taken from databases or plain syslog text files, so LogAnalyzer does not require changes to an existing logging infrastructure. Depending on the log data present, it can process syslog messages, Windows event log entries, and some more exotic things. Its troubleshooting support enables users to quickly find solutions to problems seen in the log data. LogAnalyzer was previously called phpLogCon, and has been renamed since v3.
fping is a ping-like program which uses the Internet Control Message Protocol (ICMP) echo request to determine if a target host is responding. fping differs from ping in that you can specify any number of targets on the command line, or specify a file containing the lists of targets to ping. Instead of sending pings to one target until it times out or replies, fping will send out a ping packet and move on to the next target in a round-robin fashion.
Kismet is an 802.11 layer 2 wireless network detector, sniffer, and intrusion detection system. It will work with any wireless card which supports raw monitoring (rfmon) mode, and can sniff 802.11b, 802.11a, 802.11g, and 802.11n traffic (device drivers permitting). It identifies networks by passively collecting packets and detecting standard named networks, detecting (and given time, decloaking) hidden networks, and inferring the presence of non-beaconing networks via data traffic.
TrinityOS is a step-by-step, example-driven HOWTO on building a very functional Linux box with strong security in mind. TrinityOS is well known for its strong packet firewall ruleset, Chrooted and Split DNS (v9 and v8), secured Sendmail (8.x), Linux PPTP, Serial consoles and Reverse TELNET, DHCPd, SSHd, UPSes, system performance tuning, the automated TrinityOS-Security implementation scripts, and much more.
L7-filter is a packet classifier for Netfilter that identifies packets based on application layer (OSI layer 7) data. This means that it is able to classify packets as HTTP, FTP, Gnucleus, Kazaa, etc., regardless of ports. It complements existing matches that classify based on port numbers, packet length, TOS bits, and so on. Combined with Linux QoS, it allows for full layer 7 packet shaping.
procps is a package of utilities which includes ps, vmstat, top, w, skill, snice, pgrep, pkill, free, sysctl, pmap, uptime, and kill. These utilities report what is running, who is logged in, how long the system has been running, and what is using up memory. They can be used to kill processes and change run-time kernel configuration values.