    • 1. Invention application
    • Method and system for acquisition and centralized storage of event logs from disparate systems
    • US20070143842A1
    • 2007-06-21
    • US11300737
    • 2005-12-15
    • Alan Turner, Chris Bullok, Kent Irvin, John Hayre, Kevin Markham
    • Alan Turner, Chris Bullok, Kent Irvin, John Hayre, Kevin Markham
    • G06F12/14
    • G06F21/552
    • A method and system are disclosed for acquisition and centralized storage of event logs from multiple systems. The present invention greatly improves the efficiency of event log review and analysis and is particularly useful for secure facilities performing periodic (e.g., weekly) event log audits for detection of security breaches. The present invention reduces human error by creating a centralized event log that automatically correlates event logs from disparate systems. The invention uses processing algorithms to analyze the centralized event log in order to identify events that meet selected criteria. A common format is utilized for the centralized event log to provide a uniform centralized event log that is easy to interpret by manual or automated analysis of the event data, thereby greatly simplifying the audit process. In addition, the centralized event log can also be monitored on a real-time basis to detect sets of events triggering security alerts.