http://securit.iquebec.com/
SecurIT Intrusion Detection Toolkit 1.0 (SIDTk 1.0):

The SIDTk 1.0 contains:
 - ADSScan 1.0 : An Alternate Data Streams scanner
 - IntegCheck 1.1 : A filesystem integrity checker (i.e. a Tripwire clone)
 - LogUser 1.0 : A module to detect invalid user accounts
 - LogShares 1.0 : A module to detect non-allowed shares on the machine
 - LogServices 1.0 : A module to detect non-allowed services
 - LogStartup 1.0 : A module to detect suspicious items inserted for automatic startup
 - LogProc 1.0 : A module to detect rogue processes running in memory

LogAgent 5.0

LogAgent 5.0 is a logfile monitoring and 
centralising agent for Windows, able to do so for almost any ASCII log file 
and for the events in the Event Viewer (which then becomes converted to 
text).  This is done in real-time, with very little CPU-consumption, and 
you can send the output to any number of servers or consoles you want, or 
even the printer.  With version 5.0, LogAgent is now also available for 
Windows 9x/Me.

LogIDS 2.0

LogIDS is a real-time log analysis intrusion detection console for Windows 
NT/2K/XP.  The program lets you define the fields for each log you want to 
monitor, and then you can use these fields to build a ruleset to alter 
LogIDS behaviour.  The graphical interface presents you with a logical 
representation of your network map, where each node (host or subnet) have 
its own little log viewing window.  An icon is also displayed, which can be 
used to picture the action represented in the logged item. Sounds alerts 
are also supported.  Logs can come from any source you want, firewalls, 
personal firewalls, antivirus, Snort, SITDk 1.0, etc...