Open Source Linux Log Management Tools
Sort By:
Log Management Tools for Linux
View 30 business solutionsBrowse free open source Log Management tools and projects for Linux below. Use the toggles on the left to filter open source Log Management tools by OS, license, language, programming language, and project status.
-
Gen AI apps are built with MongoDB AtlasMongoDB Atlas provides built-in vector search and a flexible document model so developers can build, scale, and run gen AI apps without stitching together multiple databases. From LLM integration to semantic search, Atlas simplifies your AI architecture—and it’s free to get started.
-
MongoDB Atlas runs apps anywhereMongoDB Atlas gives you the freedom to build and run modern applications anywhere—across AWS, Azure, and Google Cloud. With global availability in over 115 regions, Atlas lets you deploy close to your users, meet compliance needs, and scale with confidence across any geography.
-
1
log4cplus
Logging Framework for C++
log4cplus is a simple to use C++ logging API providing thread-safe, flexible, and arbitrarily granular control over log management and configuration. It is modelled after the Java log4j API.">
-
2
AlienVault OSSIM
Open Source SIEM
OSSIM, AlienVault’s Open Source Security Information and Event Management (SIEM) product, provides event collection, normalization and correlation. For more advanced functionality, AlienVault Unified Security Management (USM) builds on OSSIM with these additional capabilities: * Log management * Advanced threat detection with a continuously updated library of pre-built correlation rules * Actionable threat intelligence updates from AlienVault Labs Security Research Team * Rich analytics dashboards and data visualization -
3
PM2
Node.js Production Process Manager with a built-in Load Balancer
PM2 (Process Manager 2) is a production process manager with its own built-in load-balancer for Node.js applications. If you want battle-hardened Node.js applications that can be monitored and kept alive forever, PM2 is the way to go. PM2 lets you manage, maintain and increase Node.js performance. It is constantly assailed by over 1800 tests so you can deliver high quality applications, and deploy confidently and more often. PM2 is cross-platform and arguably the most widely-used process manager for Node.js with over 100 million downloads. Setting it up is easy, it just takes a couple of minutes and one simple command. -
4
syslog-ng
Log management solution that improves the performance of SIEM
syslog-ng is the log management solution that improves the performance of your SIEM solution by reducing the amount and improving the quality of data feeding your SIEM. With syslog-ng Store Box, you can find the answer. Search billions of logs in seconds using full text queries with Boolean operators to pinpoint critical logs. syslog-ng Store Box provides secure, tamper-proof storage and custom reporting to demonstrate compliance. syslog-ng can deliver data from a wide variety of sources to Hadoop, Elasticsearch, MongoDB, and Kafka as well as many others. syslog-ng flexibly routes log data from X sources to Y destinations. Instead of deploying multiple agents on hosts, organizations can unify their log data collection and management. syslog-ng Store Box provides automated archiving, tamper-proof encrypted storage, granular access controls to protect log data. The largest appliance can store up to 10TB of raw logs. -
Easy-to-Use Website Accessibility WidgetAll in One Accessibility is an AI based accessibility tool that helps organizations to enhance the accessibility and usability of websites quickly.
-
5
Grafana Mimir
Grafana Mimir provides long-term storage for Prometheus
Grafana Mimir is an open-source, horizontally scalable, long-term storage solution for Prometheus metrics. Built by Grafana Labs, Mimir is designed to handle massive volumes of time-series data efficiently while maintaining high availability and reliability. It enables organizations to scale their Prometheus infrastructure without the typical limitations of single-server setups. Mimir is used to power Grafana Cloud Metrics and is built to be fully compatible with Prometheus, allowing easy integration into existing monitoring workflows. -
6
l'oGGo
A powerful terminal app for structured log streaming
l'oGGo or Log & Go is a rich Terminal User Interface app written in Golang that harnesses the power of your terminal to digest log streams based on JSON-based logs. This can be used against applications running locally, on a Kubernetes cluster (see K8S Cheatsheet), GCP Stack Driver (Google Logs, see GCP-Stream Command), and many others. -
7
Graylog Ansible Role
Ansible role which installs and configures Graylog
Ansible role which installs and configures Graylog. -
8
UTMStack
Customizable SIEM and XDR powered by Real-Time correlation
Welcome to the UTMStack open-source project! UTMStack is a unified threat management platform that merges SIEM (Security Information and Event Management) and XDR (Extended Detection and Response) technologies. Our unique approach allows real-time correlation of log data, threat intelligence, and malware activity patterns from multiple sources, enabling the identification and halting of complex threats that use stealthy techniques. UTMStack stands out in threat prevention by surpassing the boundaries of traditional systems. Our software platform can swiftly analyze log data to identify and halt threats at their source in real-time, even if the threat was not directly detected on the server itself. This seamless integration of SIEM and XDR capabilities sets UTMStack apart from competitors, providing organizations with an effective, holistic cybersecurity suite that enhances threat detection, response, and remediation across clients’ valuable digital infrastructure. -
9
Quickwit
Sub-second search & analytics engine on cloud storage
Sub-second search & analytics engine on cloud storage. Quickwit is the fastest search engine on cloud storage. Quickwit has an Elasticsearch-compatible Ingest-API to make it easier to migrate your log shippers (Vector, Fluent Bit, Syslog, ...) to Quickwit. However, we only support ES aggregation DSL, the query DSL support is planned for Q2 2023. The core difference and advantage of Quickwit are its architecture built from the ground to search on cloud storage. We optimized IO paths, revamped the index data structures and made search stateless and sub-second on cloud storage. Quickwit is open-source under the GNU Affero General Public License Version 3 - AGPLv3. Fundamentally, this means you are free to use Quickwit for your project if you don't modify Quickwit. However, if you do and you are distributing your modified version to the public, you have to make the modifications public. -
MongoDB Atlas runs apps anywhereMongoDB Atlas gives you the freedom to build and run modern applications anywhere—across AWS, Azure, and Google Cloud. With global availability in over 115 regions, Atlas lets you deploy close to your users, meet compliance needs, and scale with confidence across any geography.
-
10
Docker-ELK
The Elastic stack (ELK) powered by Docker and Compose
A turnkey Docker Compose stack to spin up the ELK stack (Elasticsearch, Logstash, Kibana) for log collection, analysis, and visualization. Based on official Elastic images and enhanced with configuration defaults optimized for local development and testing. -
11
Security Onion
Linux distro for threat hunting, enterprise security monitoring
Our latest version focuses on simplifying grid installation and configuration. Our products include both the Security Onion software and specialized hardware appliances that are built and tested to run Security Onion. Our appliances will save you and your team time and resources, allowing you to focus on keeping your organization secure. We offer both training and support for Security Onion. Our instructors are the only Security Onion Certified Instructors in the world and our course material is the only authorized training material for Security Onion. We've been teaching Security Onion classes and providing Professional Services since 2014. -
12
Octopussy
Open Source Log Management Solution
Octopussy, open source log management solution. Lot of Services already supported: Bind, Cisco Router, Cisco Switch, DenyAll Reverse Proxy, Drbd, F5 BigIP, Fortinet FW, IronPort MailServer, Linux Kernel/System, Linux IPTables, Monit, MySQL, Nagios, NetApp NetCache, Juniper Netscreen FW, Juniper Netscreen NSM, Postfix, PostgreSQL, Samhain, Snmpd, Squid, Sshd, Syslog-ng, Windows Snare Agent, Xen. Wizard to easily create new Messages/Service for Unrecognized logs. -
13
Qualitis
Qualitis is a one-stop data quality management platform
Qualitis is a data quality management platform that supports quality verification, notification, and management for various datasource. It is used to solve various data quality problems caused by data processing. Based on Spring Boot, Qualitis submits quality model task to Linkis platform. It provides functions such as data quality model construction, data quality model execution, data quality verification, reports of data quality generation and so on. At the same time, Qualitis provides enterprise-level features of financial-level resource isolation, management and access control. It is also guaranteed working well under high-concurrency, high-performance and high-availability scenarios. -
14
Octopussy: Log Management Solution
Log Management Solution
Logs Analyzer, Alerter & Reporter with a Web Interface -
15
C++ Log Engine Library
Easy, flexible, lightweight, platform independent C++logging library
New version 1.03 is released! Check it out. LogEngine is a C++ library for easy and flexible logging to files. Multithreaded, easy to use and fast. Automatic logfile backup (several modes). A small amount of code. Platform Independent. -
16
NXLog
A multi-platform universal log collector and forwarder
NXLog is a modular, multi-threaded, high-performance log management solution with multi-platform support. In concept it is similar to syslog-ng or rsyslog but is not limited to unix/syslog only. It can collect logs from files in various formats, receive logs from the network remotely over UDP, TCP or TLS/SSL . It supports platform specific sources such as the Windows Eventlog, Linux kernel logs, Android logs, local syslog etc. Writing and reading logs to/from databases is also supported. The collected logs can be stored into files, databases or forwarded to a remote log server using various protocols. The old BSD Syslog and the newer IETF syslog standard is fully supported by NXLog in addition to Snare, XML, JSON, GELF, KVP, CSV and custom formats. A key concept in NXLog is to be able to handle and preserve structured logs. No need to convert everything to syslog and parse these logs again at the other side. It has powerful message filtering, log rewrite and conversion capabilities. -
17
This is a log management system for Twisted applications. It's a way to use python logging facilities under Twisted log environment. It contains a server for storage of log messages,and a GUI to manage logging messages browsing & log dynamic config.
-
18
apache-logs-to-mysql
Apache Log Parser and Data Normalization Application
Apache Log Parser and Data Normalization Application Python handles File Processing & MySQL handles Data Processing ApacheLogs2MySQL consists of two Python Modules & one MySQL Schema to automate importing Access & Error files and normalizing data into database designed for reports & data analysis. Runs on Windows, Linux and MacOS & tested with MySQL versions 8.0.39, 8.4.3, 9.0.0 & 9.1.0. 4 LogFormats & 2 ErrorLogFormats can be loaded and 5 MySQL Stored Procedures can be processed in a single Python `ProcessLogs function` execution. Database system designed to accommodate unlimited domains. Step-by-step guide for easy installation. Web interface with Drill Down Capability and apache/echarts Log Visualization integration in development. MySQL apache_logs schema currently has 49 Tables, 853 Columns, 168 Indexes, 66 Views, 7 Stored Procedures and 43 Functions to process Apache Access log in 4 formats & Apache Error log in 2 formats. Database normalization at work! -
19
DTail
DTail is a distributed DevOps tool for tailing, grepping, catting logs
DTail (a distributed tail program) is a DevOps tool for engineers programmed in Google Go for following (tailing), catting and grepping (including gzip and zstd decompression support) log files on many machines concurrently. An advanced feature of DTail is to execute distributed MapReduce aggregations across many devices. For secure authorization and transport encryption, the SSH protocol is used. Furthermore, DTail respects the UNIX file system permission model (traditional on all Linux/UNIX variants and also ACLs on Linux based operating systems). The DTail binary operates in either client or server mode. The DTail server must be installed on all server boxes involved. The DTail client (possibly running on a regular Laptop) is used interactively to connect to the servers concurrently. That currently scales to multiple thousands of servers per client. Furthermore, DTail can be operated in a serverless mode too. Read more about it in the documentation. -
20
Graylog Cookbook
Chef recipes to deploy Graylog
This Chef cookbook installs and configures the Graylog log management system. Graylog provides answers to your team’s security, application, and IT infrastructure questions by enabling you to combine, enrich, correlate, query, and visualize all your log data in one place. Search terabytes of data in milliseconds so you can ask more questions and get more answers. Save and share searches to save time and share expertise. Combine a variety of data widgets to customize dashboards to exactly what you want to see. Then quickly drill-down and even launch saved searches. Use triggers, aggregations and correlations to get alerts through SMS, Slack, PagerDuty, email, and more. Or kickoff a custom script for full creativity. Work with the same widgets you use for search results and dashboards to easily build reports and automate their delivery to any email address. -
21
HyperDX
An open source observability platform unifying session replays & logs
HyperDX helps engineers figure out why production is broken faster by centralizing and correlating logs, metrics, traces, exceptions and session replays in one place. An open-source and developer-friendly alternative to Datadog and New Relic. The HyperDX stack ingests, stores, and searches/graphs your telemetry data. After standing up the Docker Compose stack, you'll want to instrument your app to send data over to HyperDX. -
22
LogDNA Agent
LogDNA Agent streams from log files to your LogDNA account
LogDNA Agent streams from log files to your LogDNA account. Works with Linux, Windows, and macOS Servers. -
23
LogEngine2 library
Simple C++ library for easy and flexible logging
LogEngine2 is a C++ header only library for easy and flexible logging. Contains small amount of code in compare with other logging libraries. Just copy the files from include folder to your project folder and use a C++20 compiler. LogEngine2 can load loggers from .lfg file. Examples of .lfg files are included into bundle. LogEngine2 provides various log targets: regular files, rotating log files, console logging, string stream, user custom function. Log line format is easy configurable. -
24
LogSearcher
Log Management Web Application
Log Searcher provided full indexed search engine for log files on each servers. It supported many powerful query types such as phrase queries, wildcard queries, proximity queries, range queries and more with Lucene and Solr technology. It comes with Web interface to search and generate chart accordingly. This project is Open Source project with Apache 2.0 license for allowing you to extra development on top of Log Searcher project. The initial configuration was written on readme.txt before implementation on production line. If you have idea for improvement, you can drop an email to me. Contact: log.searcher[at]yahoo.com -
25
Logagent
Extensible log shipper with input/output plugins, buffering, etc.
Logagent is a modern, open-source, lightweight log shipper. It is like Filebeat and Logstash in one, without the JVM memory footprint. It comes with out-of-the-box and extensible log parsing, on-disk buffering, secure transport, and bulk indexing to Elasticsearch, Sematext Logs, and other destinations. Its low memory footprint and low CPU overhead make it suitable for deploying on edge nodes and devices, while its ability to parse and structure logs makes it a great Logstash alternative.