ttroxell @ 2005-09-27 02:31:00
Logcheck Rulefiles Analyzer
I spent some time making a rulefiles analyzer for Logcheck.
Noticing that logcheck-database had 1000+ rules made me curious about utilization. This tool will report the number of matches for each individual rule. The output looks like this right now:
*cut*
file: rulefiles/linux/ignore.d.server/dhclient:
[0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 124, 124, 0, 0, 0, 0, 0, 0, 124]
file: rulefiles/linux/violations.d/logcheck:
[0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0]
file: rulefiles/linux/ignore.d.server/policyd:
[0, 0]
file: rulefiles/linux/ignore.d.workstation/winbind:
[0]
file: rulefiles/linux/violations.ignore.d/logcheck-cyrus:
[0, 0, 0]
file: rulefiles/linux/ignore.d.paranoid/cron:
[0, 0, 18, 0, 0, 0, 0, 0]
file: rulefiles/linux/ignore.d.server/nscd:
[0]
*cut*
Each position in an array corresponds to a line number in the rulefile, and the value is how many log lines that rule matched. This output will be improved eventually. It should also calculate the top N and bottom N matched rules. This should aid us in tracking down stale rules.
analyzeRules - Get statistics about logcheck rule effectiveness
You'll need python 2.4.
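As an added illustration of the counting the post describes (my own example, not ttroxell's analyzeRules, and written for Python 3 rather than 2.4): each non-comment line of a rulefile is compiled as a regex, tested against every log line, and the hit count is stored at that line's index, which yields the per-file arrays shown above. The rulefile paths, rule lines and log lines below are constructed for the example. Logcheck rules are egrep (POSIX ERE) patterns, so the example first translates the common `[:class:]` bracket classes that Python's `re` does not understand. It also goes one step beyond the post by ranking the top/bottom N rules, listing stale (zero-hit) rules, and printing the log lines that no rule covers, which is what logcheck would have reported.

```python
import re

# Constructed sample rulefiles, keyed by a made-up path. One ERE per line;
# '#' comment lines and blank lines are skipped, as logcheck's cleanrules does.
SAMPLE_RULEFILES = {
    "rulefiles/linux/ignore.d.server/dhclient": """\
# dhclient lease traffic (constructed sample rules)
^\\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ dhclient: DHCPREQUEST on [[:alnum:]]+ to [.[:digit:]]+ port 67$
^\\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ dhclient: DHCPACK from [.[:digit:]]+$
^\\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ dhclient: bound to [.[:digit:]]+ -- renewal in [[:digit:]]+ seconds\\.$
^\\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ dhclient: DHCPRELEASE on [[:alnum:]]+$
""",
    "rulefiles/linux/ignore.d.paranoid/cron": """\
^\\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ /USR/SBIN/CRON\\[[0-9]+\\]: \\(root\\) CMD \\(.*\\)$
^\\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ cron\\[[0-9]+\\]: \\(CRON\\) STARTUP
""",
}

# Constructed syslog sample: two dhclient renewals, two cron runs, one sshd failure.
SAMPLE_LOG = """\
Sep 27 02:31:00 host1 dhclient: DHCPREQUEST on eth0 to 192.168.1.1 port 67
Sep 27 02:31:00 host1 dhclient: DHCPACK from 192.168.1.1
Sep 27 02:31:00 host1 dhclient: bound to 192.168.1.50 -- renewal in 3600 seconds.
Sep 27 02:45:00 host1 /USR/SBIN/CRON[1234]: (root) CMD (run-parts /etc/cron.hourly)
Sep 27 03:31:00 host1 dhclient: DHCPREQUEST on eth0 to 192.168.1.1 port 67
Sep 27 03:31:00 host1 dhclient: DHCPACK from 192.168.1.1
Sep 27 03:31:00 host1 dhclient: bound to 192.168.1.50 -- renewal in 3600 seconds.
Sep 27 03:45:00 host1 /USR/SBIN/CRON[1234]: (root) CMD (run-parts /etc/cron.hourly)
Sep 27 03:50:12 host1 sshd[2222]: Failed password for root from 10.0.0.5 port 4444 ssh2
"""

# POSIX bracket classes, rewritten to ranges valid inside a Python character class.
POSIX_CLASSES = {
    "[:alnum:]": "a-zA-Z0-9", "[:alpha:]": "a-zA-Z", "[:digit:]": "0-9",
    "[:upper:]": "A-Z", "[:lower:]": "a-z", "[:xdigit:]": "0-9A-Fa-f",
    "[:space:]": " \\t\\n\\r\\f\\v",
}


def ere_to_python(pattern):
    """Translate the egrep constructs logcheck rules rely on that Python's re lacks."""
    for posix, py in POSIX_CLASSES.items():
        pattern = pattern.replace(posix, py)
    return pattern


def load_rules(text):
    """Yield (rulefile line number, compiled regex), skipping comments and blank lines."""
    for lineno, raw in enumerate(text.splitlines(), start=1):
        line = raw.strip()
        if line and not line.startswith("#"):
            yield lineno, re.compile(ere_to_python(line))


def rule_stats(rulefiles, log_text):
    """Return [(path, lineno, hits)] for every real rule; egrep semantics, so search() not match()."""
    log_lines = log_text.splitlines()
    stats = []
    for path, text in rulefiles.items():
        for lineno, rx in load_rules(text):
            stats.append((path, lineno, sum(1 for l in log_lines if rx.search(l))))
    return stats


def match_arrays(rulefiles, stats):
    """Per-file arrays in the post's layout: index i holds the hit count for rulefile line i+1."""
    arrays = {path: [0] * len(text.splitlines()) for path, text in rulefiles.items()}
    for path, lineno, hits in stats:
        arrays[path][lineno - 1] = hits
    return arrays


def top_bottom(stats, n=3):
    """Most and least matched rules; sorted() is stable, so ties keep file order."""
    top = sorted(stats, key=lambda s: s[2], reverse=True)[:n]
    bottom = sorted(stats, key=lambda s: s[2])[:n]
    return top, bottom


def stale_rules(stats):
    """Rules that matched nothing in this log sample: candidates for review, not automatic deletion."""
    return [s for s in stats if s[2] == 0]


def unmatched_lines(rulefiles, log_text):
    """Log lines no rule ignores, i.e. what logcheck would still report."""
    rules = [rx for text in rulefiles.values() for _, rx in load_rules(text)]
    return [l for l in log_text.splitlines() if not any(rx.search(l) for rx in rules)]


if __name__ == "__main__":
    stats = rule_stats(SAMPLE_RULEFILES, SAMPLE_LOG)
    for path, counts in match_arrays(SAMPLE_RULEFILES, stats).items():
        print("file: %s:\n%s" % (path, counts))
    top, bottom = top_bottom(stats)
    print("top:", top, "\nbottom:", bottom)
    print("stale:", stale_rules(stats))
    print("unmatched:", unmatched_lines(SAMPLE_RULEFILES, SAMPLE_LOG))
```

A zero-hit rule over one log sample says only that the event did not occur in that window; the post's top/bottom N is a triage list, and rules for rare but legitimate events (DHCPRELEASE above) still earn their place. The translation table covers the bracket classes seen in the Debian rulefiles; a rule using an ERE feature outside it should be run through egrep itself before its count is trusted.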