Plug-in type heterogeneous Syslog access processing system and method

A processing system and plug-in technology, applied in the field of data processing, can solve problems such as insufficient flexibility, heavy development workload, and difficult data preprocessing, and achieve the effects of flexible processing, improved work efficiency, and enhanced readability

Active Publication Date: 2021-11-26
THE 28TH RES INST OF CHINA ELECTRONICS TECH GROUP CORP

AI Technical Summary

Problems solved by technology

The topology of modern military networks is complex, there are many security devices, and the number of security logs is growing explosively. As network threats continue to intensify, the security logs of a single device are not enough to support the research and judgment of high-level threat events. To detect threat events effectively, it is necessary to perform correlation analysis across multiple types of security logs. However, the input data formats of the various types of security devices are diverse, and data preprocessing is difficult. Every time a device is connected, the system needs to be re-customized; the development workload is heavy and the flexibility is insufficient.

Examples


Embodiment Construction

[0060] Example embodiments of the present invention are further described below in conjunction with the accompanying drawings.

[0061] The first embodiment of the present invention discloses a plug-in type heterogeneous Syslog access processing system, which may be applied to the field of network security to provide technical support for faster processing of threat incidents.

[0062] As shown in Figure 1, the plug-in type heterogeneous Syslog access processing system supports plug-in stream processing of multiple heterogeneous Syslog data sources, and comprises:

[0063] A data stream input module, a data stream processing module, a data stream output module, an external data management module, a plug-in script management module and a stream processing task management module;

[0064] The data stream input module is used to access heterogeneous Syslog data and to pass the accessed heterogeneous Syslog data to the data stream processing module; the heterogeneous data comprises host Syslog logs, flow logs, various types o...


Abstract

The invention discloses a plug-in type heterogeneous Syslog access processing system and method. The system comprises a stream processing task management module, a data stream input module, a data stream processing module, a data stream output module, an external data management module and a plug-in script management module. The data stream input module supports access of various heterogeneous Syslog data; data cleaning, conversion, formatting, enrichment and other processing operations are carried out by the data stream processing module; and the data stream is output to a database, a Logstash server, a log server or a message queue through the data stream output module. The plug-in script management module manages the plug-in scripts. The stream processing task management module is responsible for monitoring and managing the execution state of each processing module. The external data management module supports the introduction of external data sources for use in data processing operations. With this method, flexible access, processing and output of multi-source heterogeneous Syslog data are realized, useless alarm data are effectively filtered, and technical support is provided for faster processing of threat events.
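The module layout described in the abstract, sketched as an added example (not code from the patent or its applicant): format parsers and processing steps are registered as plug-ins, events are cleaned, enriched from an external table and filtered, and unparseable input is kept aside rather than silently dropped. The registries, regexes, `ASSETS` table, severity cut-off and sample lines are all assumptions constructed for illustration.

```python
import re

PARSERS, STEPS = [], []                 # hypothetical plug-in registries
def parser(fmt, pattern):               # register one input-format plug-in
    PARSERS.append((fmt, re.compile(pattern)))
def step(fn):                           # register one processing plug-in
    STEPS.append(fn)
    return fn

parser("rfc5424", r"^<(\d{1,3})>1 \S+ (\S+) (\S+) \S+ \S+ (?:-|\[.*?\]) ?(.*)$")
parser("rfc3164", r"^<(\d{1,3})>[A-Z][a-z]{2} [ \d]\d [\d:]{8} (\S+) ([^:\[\s]+)(?:\[\d+\])?: (.*)$")
ASSETS = {"fw01": {"zone": "dmz"}}      # external data source (constructed)

@step
def clean(ev):      # strip control characters before they reach any output sink
    ev["msg"] = "".join(c for c in ev["msg"] if c.isprintable()).strip()
    return ev
@step
def enrich(ev):     # attach asset context from the external table
    ev["asset"] = ASSETS.get(ev["host"], {"zone": "unknown"})
    return ev
@step
def drop_noise(ev):  # assumed policy: discard informational and debug records
    return ev if ev["severity"] <= 5 else None

def parse(line):
    for fmt, rx in PARSERS:
        m = rx.match(line)
        if m and (pri := int(m[1])) <= 191:     # PRI above 191 is not valid syslog
            return {"format": fmt, "facility": pri >> 3, "severity": pri & 7,
                    "host": m[2], "app": m[3], "msg": m[4]}
    return None

def run(lines):
    events, rejected = [], []
    for line in lines:
        ev = parse(line)
        if ev is None:
            rejected.append(line)       # keep unparsed input for review
            continue
        for fn in STEPS:
            ev = ev and fn(ev)          # a step returning None drops the event
        if ev:
            events.append(ev)
    return events, rejected

SAMPLE = [  # constructed input lines
    "<34>1 2021-11-26T08:00:00Z fw01 ids 4321 ID47 - blocked scan from 192.0.2.10",
    "<36>Nov 26 08:00:01 host7 sshd[991]: Failed password for root\x1b[2J from 198.51.100.7",
    "<46>Nov 26 08:00:02 host7 cron[12]: session opened",
    "<999>Nov 26 08:00:03 host7 app: bad priority",
    "not a syslog line",
]
```

Supporting a new device format here means one more `parser(...)` registration, and the rejected list gives a place to notice sources that no plug-in covers yet.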

Description

Technical field

[0001] The present invention belongs to the field of data processing, and in particular relates to a plug-in type heterogeneous Syslog access processing system and method.

Background technique

[0002] Cyber warfare is a main form of future high-tech warfare; cyber attacks can effectively paralyze the enemy's combat system, disrupt enemy logistics and sway enemy public opinion. Network attack scenarios are diverse, invisible and intangible; once effectively carried out, an attack greatly enhances the execution of combat missions at the strategic and tactical levels. Modern military networks have complex topologies and many security devices, and the number of security logs is growing explosively. As threats grow, the security logs of a single device are insufficient to support the judgment of high-level threat events; to detect threat events effectively, correlation analysis of multiple types of security logs is needed. However, each type of security device inputs data in multiple forma...


Application Information

IPC(8): G06F16/21, G06F16/215, G06F16/25
CPC: G06F16/211, G06F16/215, G06F16/258
Inventor: 产院东郭乔进王坤胡杰刘蔚棣吴其华杨冲昊汪义飞高沙沙杨航
Owner: THE 28TH RES INST OF CHINA ELECTRONICS TECH GROUP CORP