Method and system for acquisition and centralized

专利名称：Method and system for acquisition and

centralized storage of event logs fromdisparate systems

发明人：Alan K. Turner,Chris E. Bullok,Kent L.

Irvin,John C. Hayre,Kevin D. Markham

申请号：US11300737申请日：20051215

公开号：US20070143842A1公开日：20070621

专利附图：

摘要：A method and system are disclosed for acquisition and centralized storage of

event logs from multiple systems. The present invention greatly improves the efficiencyof event log review and analysis and is particularly useful for secure facilities performingperiodic (e.g., weekly) event log audits for detection of security breaches. The presentinvention reduces human error by creating a centralized event log that automaticallycorrelates event logs from disparate systems. The invention uses processing algorithmsto analyze the centralized event log in order to identify events that meet selectedcriteria. A common format is utilized for the centralized event log to provide a uniformcentralized event log that is easy to interpret by manual or automated analysis of theevent data thereby greatly simplifying the audit process. In addition, the centralizedevent log can also be monitored on real time basis to detect sets of events triggeringsecurity alerts.

申请人：Alan K. Turner,Chris E. Bullok,Kent L. Irvin,John C. Hayre,Kevin D. Markham

地址：West Tawakoni TX US,Campbell TX US,Nevada TX US,Greenville TX US,GreenvilleTX US

国籍：US,US,US,US,US

更多信息请下载全文后查看