UNIX Sniffers/Network Logging Utilities Section  
Colorlogs-1_1.tar.gz
Colorlogs color codes your logfiles for simpler reading. Sit at a distance and watch for specified colors in the logfile output to alert you of unusual activity. Changes: Many more display options, improved config file and handling of special characters. By J-Dog.
Colorlogs.tar.gz
Colorlogs v1.0 - Colorlogs color codes your logfiles for simpler reading. Sit at a distance and watch for specified colors in the logfile output to alert you of unusual activity. By J-Dog.
E-LogMonitor-1.0.tar..>
E-LogMonitor is an Enlightenment epplet that monitors various log files for the occurrence of specified keywords. It supports up to 20 file/keyword combinations and provides various ways of alerting the user if a keyword has been detected. Homepage here. By Bart Cichosz
Hsyslog.c
Hacked syslog front-end script.
SRS.tgz
SRS is the largest syslog implementation for Unix (or any operating system). It has its own original protocol to ensure reliability. Homepage here. By Matt Conover
Sportal-2.2b.tar.gz
Sportal is made for people that need to know what is going on in their systems. It monitors files that you select, for "hot words" that you also select, through a graphical interface. When a hot word is found in the file being watched, it will let you know. There is no restriction on the numbers of files or hot words. Changes: A lot of bug fixes, a new palette of colors, faster text scroll, and finished transparent background support. Homepage here. By Rodrigo Alvaro Diaz Leven
acl-0.7.0.tar.gz
Inspired by ColorLogs, acl (Advanced Color Logs) has advanced parsing capabilities, including multiple search strings and negative search strings (matches if the string is not found in the line). It's very useful for highlighting important or non-standard messages from daemons, while not highlighting standard status messages from the same daemons. Changes: Much more configurability, can "wake up" a console that has been blanked, and special processing for syslog-format files to configure a color for the timestamp, specifying different colors depending on what host generated the message (if syslog is logging remote messages as well) and specification of a special color for highlighting messages from different daemons. Homepage here. By Patrick Mullen
arpwatch2.1a4.tar.gz
Arpwatch is a tool that monitors ethernet activity and keeps a database of ethernet/ip address pairings. It also reports certain changes via email. Arpwatch requires tcpdump and libpcap. Includes FDDI support, updated ethercodes, uses autoconf. Homepage here.
bash-2.04-bofh-0.0.1..>
bash-2.04-bofh-0.0.1.tar.gz is a patch to bash 2.04 that logs commands run from bash to syslog under the USER facility. The program does not need elevated privileges to send to syslog, so a shell run by a user can log the commands the user issues to syslog, but (provided you have sane syslog file permissions) the user cannot modify or erase log entries as they can with their .bash_history, which contains much the same information but is owned by the user in their home directory and can also be evaded by setting the HISTFILE variable to NULL. Homepage here. By Tomas of the C5 Group
clog-1.6.tar.gz
Network traffic analysis tool.
clog.tar.gz
Network traffic analysis tool.
esm-1.0.tar.gz
ESM (Extensible System Monitor) is a program that lets you tie together plugins to monitor your system. This could be used to alert by email or pager in the event of hard drive failure, tripwire alerts, high load, etc. All of this is done automatically. Features fault-tolerant design, unlimited number of agents, simple API, comes with Mailreport and a monitor called ESMSyslog. Homepage here.
exec.c
exec.c 1.0.4 is a kernel module which logs all the commands executed on the system. Extremely powerful stealth logging made easy! Changes: This release fixes a memory allocation problem. Please update to the current version if you use the module. This module should work on 2.2.* kernels. By Pat Szuta
fakeroute.c
A program for faking the standard unix udp-based traceroute.
inflog.tgz
inflog (Invalid Flag Logging) is a network tool for detecting QueSO scans. Currently it will only compile under Linux.
iplog-1.1.tar.gz
iplog is a collection of tcp, udp, and icmp logging programs, and features "stealth" port scan detection. By behe.
iplog-1.2.tar.gz
iplog is a collection of tcp, udp, and icmp logging programs, and features "stealth" port scan detection. By behe.
iplog-1.3.tar.gz
iplog is a collection of daemons that log tcp, udp, and icmp traffic, and also detects 'stealth' scans used by port scanners such as nmap, protects against SYN floods, and logs remote user information. This release features: option (defaults to on) to NOT fill the logs with a "smurf" icmp attack, fixed lame drop privs code, added logfile support, icmplog is MUCH more informative now, logs redirects, etc correctly, more. By behe.
iplog-1.3DEV.tar.gz
iplog is a collection of tcp, udp, and icmp logging programs, and features "stealth" port scan detection. By behe.
iplog-1.4.tar.gz
iplog is a collection of daemons that log tcp, udp, and icmp traffic, and also detects 'stealth' scans used by port scanners such as nmap, protects against SYN floods, and logs remote user information. This release features: throttled portscan detector with a 10 port/sec threshold, does not log quake traffic, organized growing number of include files, now uses own htons/ntohs functions to avoid problems with redhat(?). By behe.
iplog-1.5.tar.gz
iplog is a collection of daemons that log tcp, udp, and icmp traffic, and also detects 'stealth' scans used by port scanners such as nmap, protects against SYN floods, and logs remote user information. This release features lots of bugfixes. By behe.
iplog-1.6.tar.gz
iplog is a collection of daemons that log tcp, udp, and icmp traffic, and also detects 'stealth' scans used by port scanners such as nmap, protects against SYN floods, and logs remote user information. This release features: fixed signal stuff, added smurf detection to udplog (die tfreak), limited router advertisement stuff to 16 routers (ojnk), added easy-as-hell installation (just type make install). By behe.
iplog-1.7.tar.gz
See description above.
iplog-1.8.tar.gz
iplog v1.8 is a collection of daemons that log tcp, udp, and icmp traffic. It has features not available in other traffic logging programs, including detecting 'stealth' scans used by port scanners such as nmap, protection against SYN floods, and logging of remote user information. Changes: Updates include fixes for an obscure crash, memory leaks, as well as optimizations and improvements. By behe.
iplog-2.0-1017.tar.g..>
iplog is a TCP/IP traffic logger. Currently, it is capable of logging TCP, UDP and ICMP traffic, though adding support for other protocols should be relatively easy. iplog 2.0 is a complete rewrite of iplog 1.x by behe. As such, it contains all the features supported by iplog 1.x, including a built-in DNS cache, the ability to detect port scans, null scans, and FIN scans, "smurf" attacks, and bogus TCP flags (used by scanners to detect the operating system in use). iplog 2.0 adds detection of Xmas scans, ICMP ping floods, UDP scans, and various IP fragment attacks. As mentioned above, iplog 2.0 has a packet filter. By Odin. Homepage here.
iplog-2.0-1107.tar.g..>
iplog is a TCP/IP traffic logger. Currently, it is capable of logging TCP, UDP and ICMP traffic. iplog 2.0 is a complete re-write of iplog 1.x, resulting in greater portability and better performance. iplog 2.0 contains all the features of iplog 1.x as well as several new ones. Major new features include a packet filter and detection of more scans and attacks. It currently runs on Linux, FreeBSD, OpenBSD, BSDI and Solaris. Homepage here. By Odin.
iplog-2.0.0.tar.gz
iplog is a TCP/IP traffic logger. Currently, it is capable of logging TCP, UDP and ICMP traffic. iplog 2.0 is a complete re-write of iplog 1.x, resulting in greater portability and better performance. iplog 2.0 contains all the features of iplog 1.x as well as several new ones. Major new features include a packet filter and detection of more scans and attacks. It currently runs on Linux, FreeBSD, OpenBSD, BSDI and Solaris. Ports to other systems, as well as any contributions at all, are welcome at this time. Changes: Bug fixes and documentation updates. Homepage here. By Odin
iplog-2.1.0.tar.gz
iplog is a TCP/IP traffic logger. Currently, it is capable of logging TCP, UDP and ICMP traffic. iplog 2.0 is a complete re-write of iplog 1.x, resulting in greater portability and better performance. iplog 2.0 contains all the features of iplog 1.x as well as several new ones. Major new features include a packet filter and detection of more scans and attacks. It currently runs on Linux, FreeBSD, OpenBSD, BSDI and Solaris. Ports to other systems, as well as any contributions at all, are welcome at this time. Changes: The capability to run in promiscuous mode and monitor a whole network was added. Lots of bug fixes were made. Homepage here. By Odin
iplog-2.1.1.tar.gz
iplog is a TCP/IP traffic logger. Currently, it is capable of logging TCP, UDP and ICMP traffic. iplog 2.0 is a complete re-write of iplog 1.x, resulting in greater portability and better performance. iplog 2.0 contains all the features of iplog 1.x as well as several new ones. Major new features include a packet filter and detection of more scans and attacks. It currently runs on Linux, FreeBSD, OpenBSD, BSDI and Solaris. Ports to other systems, as well as any contributions at all, are welcome at this time. Changes: Detects a new form of Xmas scan, new option to only log scans, new verbose option to log bad checksums and short header lengths, re-opens interfaces that go down. Homepage here. By Odin
iplogger_1.00.orig.t..>
Sorry, a description is unavailable.
iplogled001.tar.gz
IPlogLED is a logger for IP packets via keyboard LEDs. It logs ICMP, UDP, and TCP connections. Homepage here. By Whoix Dump
ippl-0.11.tar.gz
ippl v0.11 IP protocols logger - Highly configurable IP protocols logger (ICMP, TCP, UDP). By Hugo Haas and Etienne Bernard.
ippl-0.13.tar.gz
ippl v0.13 is a highly configurable IP protocols logger (ICMP, TCP, UDP). It is a daemon which logs IP packets sent to a computer. It runs in the background, and displays information about the incoming packets. Criteria can be used to specify what packets should be logged and what packets should be ignored. Multi-threaded, chained-list filtering mechanism, DNS caching, much more. By Hugo Haas and Etienne Bernard.
ippl-0.8.tar.gz
Sorry, a description is unavailable.
ippl-1.0.tar.gz
ippl v1.0 is a highly configurable IP protocols logger (ICMP, TCP, UDP). It is a daemon which logs IP packets sent to a computer. It runs in the background, and displays information about the incoming packets. Criteria can be used to specify what packets should be logged and what packets should be ignored. Multi-threaded, chained-list filtering mechanism, DNS caching, much more. By Hugo Haas and Etienne Bernard.
ippl-1.1.tar.gz
ippl v1.1 is a highly configurable IP (ICMP, TCP, UDP) protocols logger. It currently logs incoming ICMP messages, TCP connections, and UDP datagrams. It is configured with Apache-like rules and has a built-in DNS cache. By Hugo Haas and Etienne Bernard.
ippl-1.2.1.tar.gz
ippl v1.2.1 is a highly configurable IP (ICMP, TCP, UDP) protocols logger. It currently logs incoming ICMP messages, TCP connections, and UDP datagrams. It is configured with Apache-like rules and has a built-in DNS cache. By Hugo Haas and Etienne Bernard.
ippl-1.2.2.tar.gz
ippl v1.2.2 is a highly configurable IP (ICMP, TCP, UDP) protocols logger. It currently logs incoming ICMP messages, TCP connections, and UDP datagrams. It is configured with Apache-like rules and has a built-in DNS cache. By Hugo Haas and Etienne Bernard.
ippl-1.2.4.tar.gz
ippl v1.2.4 is a highly configurable IP (ICMP, TCP, UDP) protocols logger. It currently logs incoming ICMP messages, TCP connections, and UDP datagrams. It is configured with Apache-like rules and has a built-in DNS cache. By Hugo Haas and Etienne Bernard.
ippl-1.2.tar.gz
ippl v1.2 is a highly configurable IP (ICMP, TCP, UDP) protocols logger. It currently logs incoming ICMP messages, TCP connections, and UDP datagrams. It is configured with Apache-like rules and has a built-in DNS cache. By Hugo Haas and Etienne Bernard.
ippl-1.3.3.tar.gz
ippl v1.3.3 is a highly configurable IP (ICMP, TCP, UDP) protocols logger. It currently logs incoming ICMP messages, TCP connections, and UDP datagrams. It is configured with Apache-like rules and has a built-in DNS cache. Now implements ident queries, has improved configurability. Note: the format of certain rules has changed. By Hugo Haas and Etienne Bernard.
ippl-1.3.6.tar.gz
ippl v1.3.6 is a highly configurable IP (ICMP, TCP, UDP) protocols logger. It currently logs incoming ICMP messages, TCP connections, and UDP datagrams. It is configured with Apache-like rules and has a built-in DNS cache. New in this release: numerous bugfixes, added logclosing/nologclosing rule, added configuration capabilities, modified configure and install scripts. By Hugo Haas and Etienne Bernard.
ippl-1.3.7.tar.gz
ippl v1.3.7 is a highly configurable IP (ICMP, TCP, UDP) protocols logger. It currently logs incoming ICMP messages, TCP connections, and UDP datagrams. It is configured with Apache-like rules and has a built-in DNS cache. New in this release: added the possibility to change the user running the logging threads, bugfixes. By Hugo Haas and Etienne Bernard.
ippl-1.3.8.tar.gz
ippl v1.3.8 is a highly configurable IP (ICMP, TCP, UDP) protocols logger. It currently logs incoming ICMP messages, TCP connections, and UDP datagrams. It is configured with Apache-like rules and has a built-in DNS cache. New in this release: minor bugfix, added filter debugging code. By Hugo Haas and Etienne Bernard.
ippl-1.3.9.tar.gz
ippl v1.3.9 is a highly configurable IP (ICMP, TCP, UDP) protocols logger. It currently logs incoming ICMP messages, TCP connections, and UDP datagrams. It is configured with Apache-like rules and has a built-in DNS cache. New in this release: bugfix, added code to debug parsing mechanism (--enable-parsing-debug). By Hugo Haas and Etienne Bernard.
ippl-1.4.0.tar.gz
ippl v1.4.0 is a highly configurable IP (ICMP, TCP, UDP) protocols logger. It currently logs incoming ICMP messages, TCP connections, and UDP datagrams. It is configured with Apache-like rules and has a built-in DNS cache. Numerous bugfixes in this release. By Hugo Haas and Etienne Bernard.
ippl-1.4.1.tar.gz
see description above
ippl-1.4.2.tar.gz
see description above
ippl-1.4.2.tar.gz.si..>
Sorry, a description is unavailable.
ippl-1.4.3.tar.gz
ippl v1.4.3 is a configurable IP protocols logger. It currently logs incoming ICMP messages, TCP connections and UDP datagrams. It is configured with Apache-like rules and has a built-in DNS cache. It is aimed to replace iplogger. Changes: Correctly fixes the potential denial of service attack. By Hugo Haas & Etienne Bernard.
ippl-1.4.4.tar.gz
ippl 1.4.4 is a configurable IP protocols logger. It currently logs incoming ICMP messages, TCP connections and UDP datagrams. It is configured with Apache-like rules and has a built-in DNS cache. It is aimed to replace iplogger. Changes: Applied patch solving a problem related to the parsing of port ranges. ippl-1.4.4.tar.gz.sign By Hugo Haas & Etienne Bernard.
ippl-1.4.4.tar.gz.si..>
Sorry, a description is unavailable.
ippl-1.4.5.tar.gz
ippl v1.4.5 is a configurable IP protocols logger. It currently logs incoming ICMP messages, TCP connections and UDP datagrams. It is configured with Apache-like rules and has a built-in DNS cache. It is aimed to replace iplogger. Changes: fixed a possible buffer overflow problem. ippl-1.4.5.tar.gz.sign By Hugo Haas & Etienne Bernard.
ippl-1.4.5.tar.gz.si..>
Sorry, a description is unavailable.
ippl-1.4.6.tar.gz
See description above. Changes: fixed a configuration parsing problem.
ippl-1.4.6.tar.gz.si..>
Sorry, a description is unavailable.
ippl-1.5.0.tar.gz
ippl v1.5.0 is a configurable IP protocols logger. It currently logs incoming ICMP messages, TCP connections and UDP datagrams. It is configured with Apache-like rules and has a built-in DNS cache. It is aimed to replace iplogger. Changes: Implemented the possibility to define the logging mechanism (either file or syslog level) on a per-rule basis. ippl-1.5.0.tar.gz.sign By Hugo Haas & Etienne Bernard.
ippl-1.5.0.tar.gz.si..>
Sorry, a description is unavailable.
ippl-1.5.1.tar.gz
ippl v1.5.1 is a configurable IP protocols logger. It currently logs incoming ICMP messages, TCP connections and UDP datagrams. It is configured with Apache-like rules and has a built-in DNS cache. It is aimed to replace iplogger. Changes: Added DNS resolution checking, Used #defined constants for ICMP values in ippl.l, Modified the unknown ICMP type case to display the type and code of the message, code cleanup. ippl-1.5.1.tar.gz.sign By Hugo Haas & Etienne Bernard.
ippl-1.5.1.tar.gz.si..>
Sorry, a description is unavailable.
ippl-1.5.3.tar.gz
ippl v1.5.3 is a configurable IP protocols logger. It currently logs incoming ICMP messages, TCP connections and UDP datagrams. It is configured with Apache-like rules and has a built-in DNS cache. It is aimed to replace iplogger. Changes: fixed a buffer overflow problem in ident.c, draft implementation of attacks detection (can now detect ping flood), added checks after mallocs (if there is a memory allocation problem, the program stops), reverse DNS resolutions now use cache. ippl-1.5.3.tar.gz.sign By Hugo Haas & Etienne Bernard.
ippl-1.5.3.tar.gz.si..>
Sorry, a description is unavailable.
ippl-iplog-protolog...>
ippl -vs- iplog -vs- protolog comparison - Very informative blow-by-blow comparison of three popular traffic logging programs: ippl, iplog, and protolog. By pho.
ippl_1.99.3.orig.tar..>
ippl is a configurable IP protocols logger. It currently logs incoming ICMP messages, TCP connections and UDP datagrams. It is configured with Apache-like rules and has a built-in DNS cache. It is aimed to replace iplogger. Changes: Completely rewritten to use libpcap. Various changes including IP options, updated man page & ippl.conf, message repetition. Display bug, pidfile.c, and disabled threads on loopback bugs fixed. Homepage here. By Hugo Haas
jail-1.5.tar.gz
jail (Just Another ICMP Logger) is a small program which runs in the background, logging the reception of ICMP packets to the system log.
libol-0.1.10.tar.gz
See description above.
libol-0.1.14.tar.gz
See description above.
libol-0.1.16.tar.gz
See description above.
libol-0.1.17.tar.gz
See description above.
libol-0.1.18.tar.gz
See description above.
libol-0.1.19.tar.gz
See description above.
libol-0.1.2.tar.gz
Libraries needed for latest alpha release snapshots of syslog-ng. By Balazs Scheidler.
libol-0.1.6.tar.gz
Libraries needed for latest alpha release snapshots of syslog-ng. By Balazs Scheidler.
libol-0.1.7.tar.gz
Sorry, a description is unavailable.
libol-0.1.8.tar.gz
Libraries needed for latest alpha release snapshots of syslog-ng. By Balazs Scheidler.
libol-0.1.9.tar.gz
Libraries needed for latest alpha release snapshots of syslog-ng. By Balazs Scheidler.
libol-0.1.tar.gz
Libraries needed for latest alpha release snapshots of syslog-ng. By Balazs Scheidler.
libol-0.2.16.tar.gz
libol-0.2.16 is needed for syslog-ng 1.4.3. Homepage here.
libol-0.2.5.tar.gz
Libraries needed to compile syslog-ng-1.2.0. By Balazs Scheidler.
logarp.tar.gz
logarp is a small perl script which uses tcpdump to grab ethernet and source IP addresses. It runs on the system "learning" these addresses, and logging ether/ip address mismatches. It monitors ethernet/IP address mapping and generates a list of mismatches to stdout. Useful for seeing if users on your subnet are "stealing" IP addresses. Alpha code! Requires perl and tcpdump. Homepage here.
logdaemon-5.6.README
Sorry, a description is unavailable.
logdaemon-5.6.tar.gz
Sorry, a description is unavailable.
logdaemon-5.7.README
README for logdaemon-5.7.tar.gz
logdaemon-5.7.tar.gz
Daemons to replace rsh and rlogin with those that log the remote host/user names and provides tcp wrapper access control. Replaces daemons on SunOS, Solaris, Ultrix 4.x. Supports S/KEY style passwords for login/ftp and rexec for many other flavours of UNIX.
logger-comparison.ht..>
Linux Packet Logging Comparison Chart - An excellent comparison of the strengths, features, and weaknesses of five popular packet logging programs for Linux: iplog v1.8, ippl v1.4.5, protolog v1.0.8, jail v1.5, tcplogd-e v0.1.5. By pho.
logit-1.6.tar.gz
logit is a drop-in replacement for syslog - claims 100% klogd/syslogd compatibility. Supports md5 crypto for data sent over the network to the loghost, limits access to community log files to a group, and other functionality. Homepage here.
logit_1.0.tar.gz
LogIt is a logging tool that can be used to analyze all incoming ip datagrams (-i option, default), or all datagrams through an ethernet device (-n option <device>, usually with -p option to put the device into promiscuous mode). LogIt can detect Queso, NMAP, TrivialFTP, ICMP Attacks, and just about anything else thrown at it. LogIt has good plugin support, optional Gtk interface, and recognizes a wide variety of protocols. By J.J.F. / Hackers Team.
logserial-0.1.tar.gz
Sorry, a description is unavailable.
miplog-1.2.tgz
miplog v1.2 logs tcp, icmp and udp packets to your Linux box. This is a little hack of Mike Edulla's iplogger. By Stefano Borini.
multisort-1.1.tar.gz
multisort can merge multiple httpd logs from a single website distributed on multiple hosts (through round-robin DNS, for example) into a single date-ordered log. It's useful for preprocessing logs before feeding them to analyzers. It's written in C and is quite fast. By Zach Beane
netguard-0.0.3.tar.g..>
NetGuard v0.0.3 - The NetGuard package consists of two small programs (TCPguard and UDPguard) that detect TCP and UDP connections/packets. This latest release uses route's libnet, is able to kill connections, uses bitmasks to get flags, detects Queso connection attempts, has better SYN-flood detection code, more. By Monk.
netguard-1.0.0.tar.g..>
The NetGuard package consists of two small programs (TCPguard and UDPguard) that detect TCP and UDP connections/packets. Using route's libnet, netguard is able to kill connections, detects half-open TCP connections, LAND attacks, WINNUKE attacks, HPING packets, QUESO probes, SYN-floods, PORTD scans, and more. By Monk.
netguard-2.0.0.tar.g..>
Netguard 2.0.0 is a lightweight IDS and packet sniffer. It supports Ethernet, PPP, FDDI and local loopback (for debugging). It can log IP, TCP, UDP, ICMP and IGMP packets according to the rules YOU specify to syslog, a file or standard input. Uses libpcap. Changes: Full rewrite. Most types of ip/tcp/udp/icmp/igmp header flags can be configured to set off alarms. Released under GPL. Homepage here. By Monk
ng-0.0.2.tar.gz
NetGuard v0.0.2 - NetGuard contains two small programs which intercept all tcp/ip and udp/ip packets. For tcp, TCPguard checks if it's a connection request and, if it is, it dumps some data to syslog. UDPguard sends data to syslog about ALL udp/ip packets it encounters. Thanks monk!
nsyslogd.tar.gz
nsyslogd v4.00beta2 is a replacement syslogd and the program upon which syslog-ng is based. nsyslogd can be used with SSL for secure logging, and will run as a drop-in replacement for syslogd on most operating systems. By Darren Reed.
perro-1.0.2.tar.gz
Perro (The Internet Protocols logger) is a set of three daemons that log incoming IP/TCP, IP/UDP and IP/ICMP packets. It also produces detailed log files. Changes: A Y2K fix. Homepage here. By Diego Javier Grigna
plogd2.c
Plogd v2 - syn/udp/icmp packet logger (freebsd version). Homepage here. By Przemyslaw Frasunek
protolog-1.0.0.tar.g..>
Protolog (The Internet Protocols logger) consists of three daemons that log incoming IP/TCP, IP/UDP and IP/ICMP packets. Also produces detailed logs. By Diego Javier Grigna.
protolog-1.0.1.tar.g..>
Protolog v1.0.1 - Protolog (The Internet Protocols logger) consists of three daemons that log incoming IP/TCP, IP/UDP and IP/ICMP packets. Also produces detailed logs. By Diego Javier Grigna.
protolog-1.0.2.tar.g..>
Protolog v1.0.2 - Protolog (The Internet Protocols logger) consists of three daemons that log incoming IP/TCP, IP/UDP and IP/ICMP packets. Also produces detailed logs. By Diego Javier Grigna.
protolog-1.0.4.tar.g..>
Protolog (The Internet Protocols logger) is a set of three daemons that log incoming IP/TCP, IP/UDP and IP/ICMP packets. Also produces detailed logs. By Diego Javier Grigna.
protolog-1.0.5.tar.g..>
Protolog (The Internet Protocols logger) is a set of three daemons that log incoming IP/TCP, IP/UDP and IP/ICMP packets. Also produces detailed logs. 27k. By Diego Javier Grigna.
protolog-1.0.6.tar.g..>
See description above.
protolog-1.0.7.tar.g..>
Protolog (The Internet Protocols logger) is a set of three daemons that log incoming IP/TCP, IP/UDP and IP/ICMP packets. Also produces detailed logs. By Diego Javier Grigna.
protolog-1.0.8.tar.g..>
Protolog (The Internet Protocols logger) is a set of three daemons that log incoming IP/TCP, IP/UDP and IP/ICMP packets. Also produces detailed logs. By Diego Javier Grigna.
psting-1.0.tar.gz
Ping Sting 1.0 - pingsting is an application that monitors networks for ICMP Echo Requests and attempts to determine what application generated the ICMP packets. The method and weaknesses of this method are described at the end of this document. Homepage here. By Anthony Osborne
rotorouter.tar.gz
A program for logging and faking the standard unix udp-based traceroute.
rr-1.0.tgz
Rotorouter v1.0 - Log incoming traceroutes, and optionally generate false responses. Linux.
rr.c.gz
RotoRouter v1.9b - RotoRouter (pronounced row-toe row-ter) allows you to log incoming traceroutes, and optionally generate false responses, allowing you to control what appears on someone's traceroute. It can then forge replies. This beta version uses libpcap; the spoofed replies are broken but logging does seem to work well on non-linux systems. By Humble.
sanitize-1.0.tar.Z
A collection of shell scripts for "sanitizing" tcpdump trace files to address privacy and security concerns. By Lawrence Berkeley National Laboratory.
smurflog-1.0.tar.gz
See below.
smurflog-1.1.tar.gz
Smurf Logger 1.1, new release with bugfixes. Logs smurf attacks and the broadcast address being used.
smurflog-2.1.tar.gz
SmurfLog v2.1 - This program is designed to log smurf attacks and the amplifier networks. Essentially, it is an ICMP Echo Reply logger in which logging only begins after passing a certain threshold rate of packets/sec and kilobytes/sec from incoming echo replies. By humble.
snmpsniff-0.9b.tar.g..>
Promiscuous SNMP PDU sniffer.
snplog-0.1.tar.gz
snplog-1.0 (Simple Network Protocol logger) consists of three daemon programs icmplogd, udplogd and tcplogd.
sportal-1.9.5.tar.gz
Sportal is made for people that need to know what is going on in their systems. It monitors files that you select, for "hot words" that you also select, through a graphical interface. When a hot word is found in the file being watched, it will let you know. There is no restriction on the numbers of files or hot words. Changes: A fix for a typo in the source, implementation of transparent windows, a lot of new options in the main GUI, and available binary RPMs and static versions. Homepage here. By Rodrigo Alvaro Diaz Levin
squidtaild.2.1a2.tgz
Squidtaild is a Squid log file monitoring program that will crosscheck new access.log entries with user-defined filters and report all hits (using HTML pages, email, or winpopups). It is ideal for schools and businesses that wish to monitor their Internet activity for policy violations (that can be custom generated). Changes: This complete Perl rewrite of Trailer is faster, more flexible, and offers more options. Homepage here. By Stefan Folkerts
ssyslog.1.21.tar.gz
Cryptographically secure system logging tool that replaces UNIX syslog. By core sdi s.a.
ssyslog.tar.gz
Secure Syslog. Replacement for UNIX syslog.
surrogate-syslog.tar..>
Sorry, a description is unavailable.
synlog-0.1.tar
Sorry, a description is unavailable.
sysklogd-1.3-28.tar...>
See below.
sysklogd-1.3-30.tar...>
The sysklogd package implements two system log daemons. Contains new version of syslogd, and has a klogd daemon that 'listens' to kernel log messages, prioritizes them and routes them to either output files or to syslogd.
sysklogd-1.3-31.tar...>
sysklogd v1.3-31 - The sysklogd package implements two system log daemons. The syslogd daemon is the general system logging daemon which is responsible for handling requests for syslog services. This version of syslogd is similar to the standard Berkeley product but with a number of compatible extensions. The klogd daemon runs either standalone or as a client of syslogd. Klogd 'listens' to kernel log messages, prioritizes them and routes them to either output files or to syslogd. This version of klogd will optionally translate kernel addresses to their symbolic equivalents if provided with a system map. By Dr. G.W. Wettstein.
syslog-ng-1.0.3.tar...>
syslog-ng is a syslogd replacement that adds greater functionality to syslogging, such as the possibility to filter based on message contents using regular expressions, intuitive and powerful configuration scheme, support for transporting messages over TCP, storing digital fingerprints of each message, and much more. By Balazs Scheidler.
syslog-ng-1.0.4.tar...>
See description above. Now with experimental AIX support.
syslog-ng-1.0.tar.gz
syslog-ng is a syslogd replacement that adds greater functionality to syslogging, such as the possibility to filter based on message contents using regular expressions, intuitive and powerful configuration scheme, support for transporting messages over TCP, storing digital fingerprints of each message, and much more. By Balazs Scheidler.
syslog-ng-1.1.1.tar...>
syslog-ng v1.1.1 is a syslogd replacement that adds greater functionality to syslogging, such as the possibility to filter based on message contents using regular expressions, intuitive and powerful configuration scheme, support for transporting messages over TCP, storing digital fingerprints of each message, and much more. Numerous changes, bugfixes, and code optimizations since the 1.0.4 release. This is an Alpha version, but check it out. By Balazs Scheidler.
syslog-ng-1.1.10.tar..>
See description above. Changes: Some Solaris portability fixes. Requires libol-0.1.8 to compile. By Balazs Scheidler.
syslog-ng-1.1.11.tar..>
See description above. Changes: Bug fixes introduced by previous portability fixes. Internal messages come from a special log source called internal. For an example see this config file. Requires libol-0.1.8 to compile. By Balazs Scheidler.
syslog-ng-1.1.12.tar..>
syslog-ng 1.1.12 - syslog-ng as the name shows is a syslogd replacement, but with new functionality for the new generation. The original syslogd allows messages only to be sorted based on priority/facility pair, syslog-ng adds the possibility to filter based on message contents using regular expressions. The new configuration scheme is intuitive and powerful. It supports transporting messages over TCP, stores digital fingerprints of each message, so that unauthorized modification can be detected, and other nice thingies. Changes: Fixed a couple of bugs, and made it compile on Solaris. Although not full featured compared to the stable versions, it seems to be very stable. Fixed several memory leaks and some other bugs. Requires libol-0.1.9 to compile. By Balazs Scheidler.
syslog-ng-1.1.13.tar..>
See description above. Changes: bugfix release.
syslog-ng-1.1.14.tar..>
See description above. Changes: Two filters have been added (host, match); one of them implements filtering based on source hostname, so you can use syslog-ng as a central log host and write each source to different files. The program filter has been changed to use regexps. Bugfixes.
syslog-ng-1.1.15.tar..>
syslog-ng 1.1.15 - syslog-ng is a syslogd replacement, but with new functionality for the new generation. The original syslogd allows messages to be sorted only by priority/facility pair; syslog-ng adds the possibility to filter based on message contents using regular expressions. The new configuration scheme is intuitive and powerful. It supports transporting messages over TCP, stores digital fingerprints of each message so that unauthorized modification can be detected, and much more. Changes: Fixed UDP hostnames, added long_hostname option, which turns off syslog-ng-like hostname generation (compatible with earlier syslogds). Requires libol-0.1.14 to compile. By Balazs Scheidler.
syslog-ng-1.1.16.tar..>
See description above. Changes: Bugfixes, and sync() option added.
syslog-ng-1.1.17.tar..>
See description above.
syslog-ng-1.1.18.tar..>
See description above. Changes: Fixed a couple of compilation bugs. Requires libol-0.1.16 to compile.
syslog-ng-1.1.19.tar..>
See description above. Changes: Fixed a couple of bugs. Requires libol-0.1.17 to compile.
syslog-ng-1.1.2.tar...>
syslog-ng v1.1.2 - See description below. By Balazs Scheidler.
syslog-ng-1.1.20.tar..>
See description above. Changes: The development branch is reaching stability (several build errors have been worked out, Debian control information has been re-added to the archive, and a few bugs have been fixed). This version should be usable even for end-users, though advanced cryptographic features are not yet available.
syslog-ng-1.1.21.tar..>
See description above. Changes: Fixed a kill -HUP bug, which resulted in a SIGSEGV on the second restart.
syslog-ng-1.1.22.tar..>
See description above. Changes: Experimental Sun door support, and a new destination, usertty, which allows you to direct log messages to a logged-in user's tty. Requires libol-0.1.18.tar.gz to compile.
syslog-ng-1.1.23.tar..>
syslog-ng 1.1.23 - syslog-ng is a syslogd replacement, but with lots of added functionality. The original syslogd allows messages to be sorted only by priority/facility pair; syslog-ng adds the possibility to filter based on message contents using regular expressions. The new configuration scheme is intuitive and powerful. It supports transporting messages over TCP, stores digital fingerprints of each message so that unauthorized modification can be detected, and much more. Changes: The development branch gets closer to stability. Changes include a few bug fixes and experimental Solaris door support. For details check the ChangeLog. By Balazs Scheidler.
syslog-ng-1.1.3.tar...>
syslog-ng v1.1.3 is a syslogd replacement that adds greater functionality to syslogging, such as the possibility to filter based on message contents using regular expressions, an intuitive and powerful configuration scheme, support for transporting messages over TCP, storing digital fingerprints of each message, and much more. Numerous changes, bugfixes, and code optimizations since the v1.0.4 (last stable) release. This is an Alpha version, but check it out. By Balazs Scheidler.
syslog-ng-1.1.33.tar..>
syslog-ng, as the name shows, is a syslogd replacement, but with new functionality for the new generation. The original syslogd allows messages to be sorted only by priority/facility pair; syslog-ng adds the possibility to filter based on message contents using regular expressions. The new configuration scheme is intuitive and powerful. By Balazs Scheidler.
syslog-ng-1.1.5.tar...>
syslog-ng 1.1.5 - syslog-ng, as the name shows, is a syslogd replacement, but with new functionality for the new generation. The original syslogd allows messages to be sorted only by priority/facility pair; syslog-ng adds the possibility to filter based on message contents using regular expressions. The new configuration scheme is intuitive and powerful. It supports transporting messages over TCP, stores digital fingerprints of each message so that unauthorized modification can be detected, and much more. Changes: The first nearly-usable version in the development branch. New filter rule parsing and evaluation is in place. In functionality it's more or less equal to the standard syslogd. More advanced features are to be added soon. By Balazs Scheidler.
syslog-ng-1.1.8.tar...>
syslog-ng 1.1.8 - syslog-ng, as the name shows, is a syslogd replacement, but with new functionality for the new generation. The original syslogd allows messages to be sorted only by priority/facility pair; syslog-ng adds the possibility to filter based on message contents using regular expressions. The new configuration scheme is intuitive and powerful. It supports transporting messages over TCP, stores digital fingerprints of each message so that unauthorized modification can be detected, and much more. Changes: Modified priority filter syntax; added TCP and UDP support and a program filter; added UDP and TCP sources and destinations, so syslog-ng can act as a log forwarder between firewalled segments. By Balazs Scheidler.
syslog-ng-1.1.9.tar...>
syslog-ng 1.1.9 - syslog-ng, as the name shows, is a syslogd replacement, but with new functionality for the new generation. The original syslogd allows messages to be sorted only by priority/facility pair; syslog-ng adds the possibility to filter based on message contents using regular expressions. The new configuration scheme is intuitive and powerful. It supports transporting messages over TCP, stores digital fingerprints of each message so that unauthorized modification can be detected, and other nice thingies. Changes: This is the first version for a wider audience. It parses command line parameters, goes into the background by default, and reopens closed channels automatically. Check the homepage for compilation instructions. By Balazs Scheidler.
syslog-ng-1.2.0.tar...>
Syslog-ng, as the name shows, is a syslogd replacement, but with new functionality for the new generation. The original syslogd allows messages to be sorted only by priority/facility pair; syslog-ng adds the possibility to filter based on message contents using regular expressions. The new configuration scheme is intuitive and powerful. Changes: A new stable series started with this release. Version 0.2.5 of libol is required to compile syslog-ng now. By Balazs Scheidler.
syslog-ng-1.2.1.tar...>
syslog-ng, as the name shows, is a syslogd replacement, but with new functionality for the new generation. The original syslogd allows messages to be sorted only by priority/facility pair; syslog-ng adds the possibility to filter based on message contents using regular expressions. The new configuration scheme is intuitive and powerful. Changes: Syslog-ng should now be able to fetch local messages under Solaris. Homepage here. By Balazs Scheidler.
syslog-ng-1.2.3.tar...>
syslog-ng as the name shows is a syslogd replacement, but with new functionality for the new generation. The original syslogd allows messages o