Free log files w3svc1 software for linux

loggerfs is the virtual file system that allows you to store logs in a database. I just released the first version of it (checkout the News) and will now be focusing on supporting more logging formats. If you dont yet know what loggerfs is, then heres a simple explanation for when you need it:

- Are you running cron scripts periodically to parse log files and put them in a database?
- Do you need to store log files remotely because you have limited space?
- Would you like a more efficient solution than simply polling the log files and waiting for new data?

If you answer yes to any of the above questions, please take a look at loggerfs. It will allow you to create virtual files to which you can then direct syslog/ apache/ squid/ etc. to log to. For example, instead of having syslog store authentication information in /var/log/auth.log, you could create a virtual file in /var/loggerfs/auth.log and then tell syslog to log to that file. Now instead of storing the information in the auth.log file, the data is actually sent to a database server that you defined in the logs.xml file. Every time new information is sent to the file, it is immediately sent to the database server, which means that:

- It doesnt poll for information, it listens, which makes it a lot more efficient.
- It automatically creates the tables in the database and makes sure that all the information can be stored.
- Youll be able to easily sort/ analyze the log files once theyre in the database.

I encourage you to checkout the CVS on the sourceforge project page, and let me know if you have any questions/ problems/ suggestions.

Log::Dispatch::File::Alerts is a Perl object for logging to alert files.

SYNOPSIS

use Log::Dispatch::File::Alerts;

my $file = Log::Dispatch::File::Alerts->new(
name => file1,
min_level => emerg,
filename => Somefile%d{yyyy!!!!}.log,
mode => append );

$file->log( level => emerg,
message => "Ive fallen and I cant get upn" );

ABSTRACT

This module provides an object for logging to files under the Log::Dispatch::* system.

This module subclasses Log::Dispatch::File for logging to date/time stamped files. See Log::Dispatch::File for instructions on usage. This module differs only on the following three points:

alert files

This module will use a seperate file for every log message.

multitasking-safe

This module uses flock() to lock the file while writing to it.

stamped filenames

This module supports a special tag in the filename that will expand to the current date/time/pid.

It is the same tag Log::Log4perl::Layout::PatternLayout uses, see Log::Log4perl::Layout::PatternLayout, chapter "Fine-tune the date". In short: Include a "%d{...}" in the filename where "..." is a format string according to the SimpleDateFormat in the Java World (http://java.sun.com/j2se/1.3/docs/api/java/text/SimpleDateFormat.html). See also Log::Log4perl::DateFormat for information about further restrictions.
In addition to the format provided by Log::Log4perl::DateFormat this module also supports $ for inserting the PID and ! for inserting a uniq number. Repeat the character to define how many character wide the field should be.
A note on the !: The module first tries to find a fresh filename with this set to 1. If there is already a file with that name then it is increased until either a free filename has been found or it reaches 9999. In the later case the module dies.

Log::Log4perl is a Log4j implementation for Perl.

SYNOPSIS

# Easy mode if you like it simple ...

use Log::Log4perl qw(:easy);
Log::Log4perl->easy_init($ERROR);

DEBUG "This doesnt go anywhere";
ERROR "This gets logged";

# ... or standard mode for more features:

Log::Log4perl::init(/etc/log4perl.conf);

--or--

# Check config every 10 secs
Log::Log4perl::init_and_watch(/etc/log4perl.conf,10);

--then--

$logger = Log::Log4perl->get_logger(house.bedrm.desk.topdrwr);

$logger->debug(this is a debug message);
$logger->info(this is an info message);
$logger->warn(etc);
$logger->error(..);
$logger->fatal(..);

#####/etc/log4perl.conf###############################
log4perl.logger.house = WARN, FileAppndr1
log4perl.logger.house.bedroom.desk = DEBUG, FileAppndr1

log4perl.appender.FileAppndr1 = Log::Log4perl::Appender::File
log4perl.appender.FileAppndr1.filename = desk.log
log4perl.appender.FileAppndr1.layout =
Log::Log4perl::Layout::SimpleLayout
######################################################

ABSTRACT

Log::Log4perl provides a powerful logging API for your application

File::Util is an easy, versatile, portable file handling module.

File::Util provides a comprehensive toolbox of utilities to automate all kinds of common tasks on file / directories. Its purpose is to do so in the most portable manner possible so that users of this module wont have to worry about whether their programs will work on other OSes and machines.

SYNOPSIS

use File::Util;
my($f) = File::Util->new();

my($content) = $f->load_file(foo.txt);

$content =~ s/this/that/g;

$f->write_file(
file => bar.txt,
content => $content,
bitmask => 0644
);

$f->write_file(
file => file.bin, content => $binary_content, --binmode
);

my(@lines) = $f->load_file(randomquote.txt, --as-lines);
my($line) = int(rand(scalar @lines));

print $lines[$line];

my(@files) = $f->list_dir(/var/tmp, qw/ --files-only --recurse /);
my(@textfiles) = $f->list_dir(/var/tmp, --pattern=.txt$);

if ($f->can_write(wibble.log)) {

my($HANDLE) = $f->open_handle(
file => wibble.log,
mode => append
);

print $HANDLE "Hello World! Its ", scalar localtime;

close $HANDLE
}

my($log_line_count) = $f->line_count(/var/log/httpd/access_log);

print "My file has a bitmask of " . $f->bitmask(my.file);

print "My file is a " . join(, , $f->file_type(my.file)) . " file."

warn This file is binary! if $f->isbin(my.file);

print "My file was last modified on " .
scalar localtime($f->last_modified(my.file));

# ...and _lots_ more

Log::Dispatch::File::Rolling is a Perl object for logging to date/time/pid stamped files.

SYNOPSIS

use Log::Dispatch::File::Rolling;

my $file = Log::Dispatch::File::Rolling->new(
name => file1,
min_level => info,
filename => Somefile%d{yyyyMMdd}.log,
mode => append );

$file->log( level => emerg,
message => "Ive fallen and I cant get upn" );

ABSTRACT

This module provides an object for logging to files under the Log::Dispatch::* system.

This module subclasses Log::Dispatch::File for logging to date/time stamped files. See Log::Dispatch::File for instructions on usage. This module differs only on the following three points:

fork()-safe

This module will close and re-open the logfile after a fork.

multitasking-safe

This module uses flock() to lock the file while writing to it.

stamped filenames

This module supports a special tag in the filename that will expand to the current date/time/pid.

It is the same tag Log::Log4perl::Layout::PatternLayout uses, see Log::Log4perl::Layout::PatternLayout, chapter "Fine-tune the date". In short: Include a "%d{...}" in the filename where "..." is a format string according to the SimpleDateFormat in the Java World (http://java.sun.com/j2se/1.3/docs/api/java/text/SimpleDateFormat.html). See also Log::Log4perl::DateFormat for information about further restrictions.
In addition to the format provided by Log::Log4perl::DateFormat this module also supports $ for inserting the PID. Repeat the character to define how many character wide the field should be. This should not be needed regularly as this module also supports logfile sharing between processes, but if youve got a high load on your logfile or a system that doesnt support flock()...

THC-vlogger is an advanced linux kernel based keylogger, enables the capability to log keystrokes of all administrator/users sessions via console, serial and remote sessions (telnet, ssh), switching logging mode by using magic password, stealthily sending logged data to centralized remote server.
THC-vloggers smart mode can automatically detect password prompts to log only sensitive user and password information.
Main features:
- Log keystrokes of all user sessions
Console, serial console
Telnet/SSH remote sessions
- Stealth mechanism
No syscall modifying, nearly impossible to detect
UDP packets of log data can not be seen from the box itself
- Multiple logging modes and methods
Support three logging modes
Switch between logging modes by specific keys sequence
Default toggle character is CTRL-]
- Dumb mode
Logs all keystrokes
- Smart mode
Ability to detect password prompt automatically to log only sensitive data such as user/password (ssh, telnet, su, sudo, ftp, ...)
- Normal mode
Stop logging mode
- Log methods
Log to files
Remote log over network
Transmits log data via UDP to a specified machine
System users neither see nor sniff log packets
Sniffers such as tcpdump on the box can not see the traffic
Bypass local network filtering/firewall rules
- Log data
Separated logging for each tty/session
Each tty has their own log buffer
Easier to track sessions
- Timestamps logging
Nearly support all special chars
Arrow keys (left, right, up, down), Home, Page Up, Page Down
F1 to F12, Shift+F1 to Shift+F12
ALT- and CTRL- combinations
Tab, Insert, Delete, End, Backspace, ...
Support line editing keys included CTRL-U and Backspace

Wflogs is a firewall log analysis tool. It can be used to produce a log summary report in plain text, HTML and XML, or to monitor firewalling logs in real-time.
This project is part of the WallFire project, but can be used independently.
Usage examples:
wflogs -i netfilter -o html netfilter.log > logs.html
converts the given netfilter log file into a HTML report.
wflogs --sort=protocol,-time -i netfilter -o text netfilter.log > logs.txt
converts the given netfilter log file into a sorted (by protocol number, then reverse time) text report.
wflogs -f $start_time >= [this 3 days ago] && $start_time < [this 2 days ago] && $chainlabel =~ /(DROP|REJECT)/ && $sipaddr == 10.0.0.0/8 && $protocol == tcp && ($dport == ssh || $dport == telnet) && ($tcpflags & SYN) -i netfilter -o text --summary=no
shows log entries (without summary) which match the given expression (refused connection attempts that occured 3 days ago to ssh and telnet ports coming from internal network 10.0.0.0/8).
wflogs -i netfilter -o text --resolve=0 --whois=0 netfilter.log
converts the given netfilter log file into a text report (default mode), disabling IP address reverse lookups and whois lookups.
wflogs -i netfilter -o xml netfilter.log > logs.xml
exports netfilter logs in XML.
wflogs -i ipchains -o netfilter ipchains.log > netfilter.log
converts ipchains logs into netfilter log format. So you may process them with your favorite netfilter log analyser, for example (even if the latter may not be better than wflogs itself.
wflogs -i ipfilter -o human --datalen=yes ipfilter.log
produces a report about ipfilter logfile in natural language on stdout, displaying packet length (datalen option) which is not showed by default.
wflogs -R -I
monitors logs in real-time in an interactive shell, waiting for logs in the default system logfile, in guessed format (according to the local firewalling tool).
Supported systems
WallFire is intended to work on real systems such as Unix, especially Linux and *BSD.
Current wflogs input modules are:
- netfilter (Linux 2.4 and 2.6 firewall logs)
- ipchains (Linux 2.2 firewall logs)
- ipfilter (NetBSD, FreeBSD, OpenBSD, Solaris, SunOS 4, IRIX and HP-UX running ipfilter firewall logs).
- cisco_pix (Cisco PIX filter logs)
- cisco_ios (Cisco IOS filter logs)
- snort (Snort ACLs logs)
Please note that input modules are available on any architecture on which wflogs can run (for example, you can perfectly parse Cisco PIX logs on a Linux box).
Enhancements:
- Improved matching of netfilter and ipfilter input modules.
- Added support for Cisco FWSM (PIX).
- Improved netfilter parsing.
- Compilation fixes for *BSD.
- Added wflogs.dtd.
- Added wfchkintegrity tool, which enables to monitor changes in the firewalling configuration.
- Fixed buffer sizes for some input modules.
- Fixed parsing with recent flex versions.