| Computer network is a complex combination which is constitutive of difficult devices and application systems, they can give some logs information which records their action or related events, network administrators can understand the functioning of the system, audit security incidents and diagnostic errors, such as abnormal. we can construct a distributed network platform which can monitor and audit log through Log Security Audit System, which give a unified management and security audits for log data of different formats in different locations, By auditing the logs of the designated devices and application systems to improve security of computer network, therefore, it is very important significance to reinforce log's management and audit for daily maintenance of network system and safeguard of network security.Traditional log management and security audit problems are discussed in this paper , and given a number of new design concepts and technology, especially in the implementation of log agents, the normative formats of log is presented through Regular Expressions ,which can solve a trouble problem of log's format multiversity; log audit system is to collect all logs of devices and application systems which are storage in different ways by a single agent software , it can solve a trouble problem of the diversity of the log's storage ,it is greatly simplified the log's collection process. The new log audit system will provide more and more comprehensive and convenient support on network system security audit. |
PDF Full Text Request