rsyslog is a free and open source syslog
server, the default on recent Ubuntu and CentOS distributions.
Paid-for options include a Windows agent that sends the Event log
to an rsyslog server.
syslog-ng is
a free and open source syslog server, with great configuration
options. Commercial extra options include encryption and a
web interface.
LogStash is free and open source, and
combines a syslog server with a web interface for searching and
graphing.
Graylog2 is also free and open source, and
like LogStash it combines the functionality of a syslog server with
that of an interface to search and graph the data.
Fluentd is a syslog server, capable of
scaling up massively.
Web Interfaces
Kibana is a web
interface for logs collected with LogStash or with other data stored
in ElasticSearch.
Octopussy is a web interface with searching and graphing features.
Installation instructions exist for RedHat- and Debian-based
systems.
LogAnalyzer is a web frontend
for syslog, with some analysis and reporting capabilities.
Free and Open Source Log Analysis Software
LogReport does log analysis and
reporting, but it seems that its development has stopped.
LogSurfer analyzes logs line
by line against predefined regular expressions, and can trigger
notifications.
Epylog is a time-based log
analysis tool, which sends reports and alerts by email. It is a
replacement for logwatch.
SEC does log analysis with
a focus on event correlation.
ELSA is an analysis and search tool for syslog-ng, with MySQL as the
backend and Sphinx for indexing.
Clarity is a simple web front
end for the contents of a directory with log files, with grep-like
and tail-f-like features.
Non-Free or Closed Source or Commercial Log Analysis Software
LogZilla is free of charge for up to 10
devices and up to 1 million messages per day. Beyond those limits,
the price scales up according to the selected features.
Documentation includes instructions for RedHat- and Debian-based
systems.
Splunk is free for up to 500 MBytes of
data per day. Download options include packages for Linux
distributions with a 2.6+ kernel.
CloudPelican is still in development
as of this writing. Their website mentions that there is a free
version, but downloading the demo requires registration.
XPOLog is freeware log analysis software
with a standalone web server.
LogScape is a Linux-based log analysis
and indexing tool, with a free basic version.
Sumo Logic offers cloud-based log management
and analytics. The free version works for up to 500 MBytes of data per
day, up to three users and up to 7 days retention.
Sawmill is a closed source analysis
tool, with free 30-day demo versions.
Loggly offers log management, analysis
and graphing. There is a free version for up to 200 MBytes of data
per day and 7-day retention.
Snare Backlog
was a logging server for Windows that could collect data from several
standard sources, as well as from a wide range of operating systems
that run its agent. Freeware versions of it are still available for download.