We feel that Code Blue can be useful for monitoring web server activity. Unlike programs like analog which provide reporting functionality based on usage patterns, Code Blue takes a different approach by "looking" at web logs from the security perspective. Web servers are vulnerable and there are many threats and vulnerabilities including worms, SQL injection, buffer overflow requests, bad robots and others. The program provides detailed analysis of web server logs either statically (saved file) or dynamically (live data) and produces a report containing the possible threats/exploits and the means of the identification of the perpetrator (IP number).


The program is currently in beta status.


Both source code and binaries are available for download.

To run the program, unzip the source code and compile it using javac *.java Then, run the java CodeBlueApp command to lauch the program.


There is a number of features we'd like to implement including internationalization, proactive IP blocking, enhanced reporting/customization, support for other log formats and others.

The future of Code Blue ultimately depends on the feedback we get. Any suggestions, bug reports, feature requests and so on are more than welcome. Feel free to write to us at any time. Also, if you want to participate in the project.


We'd like to thank Damian Kelly for inspiration and support.