MassLogProcess
MassLogProcess is distributed log processing and correlation engine. Implemented on the top of JPPF. The current development is alpha phase. If you know what OSSIM is, then MassLogProcess is built with similar functions in
mind but aims at large volumes of input data and distributed processing.
Current implementation includes following components:
- Log receiving
- Log storage
- Log indexing and analysis
- Post-analysis UI
User Manual
Coming soon
Performance evaluation
03/25/2009: JMassLogPro v0.2 running on a single machine, in 100M LAN environment, the log collection speed of up to 20000syslogs/second.
Evaluation details available here
Resources
Following are useful project resources: