The Honeynet Project has beefed up a free tool that helps spot attacks that
can elude detection. The Picviz tool takes data from various log analysis
sources and converts them into a multidimensional visual map of events.
Researchers have now added a graphical user interface to Picviz, which should
make it easier to deploy and more attractive to a broader range of users. Picviz
developers Sebastien Tricaud and Philippe Saade have published a paper that
details how Picviz works and how it gathers and renders data from traffic logs,
database logs, SSH logs, syslogs, IPtables logs, Apache logs, and other sources.