| As the developing of network technology, the scale of network becomes more and more large and more and more applications are being developed. People can access all kinds of services and resources through network. All these things ease people's lives and change the style of people's lives. At the same time, with the growing of network, many problems appeared. For example, hackers attack nodes of network by means of much network defect, much virus is transferred through network and many users use network resources illegally. So it's important for network managers to develop system to monitor network traffic, attacks and resources. It will help network managers to manage network more effectively.The article analyzes two normal approaches to realize network monitor, one is based on packets captured and another is based on logs generated by network gateway. Then, it introduces the three common kinds of log format, syslog, traffic log and WELF. Basing on the discussion, it introduces the design of Log-based Network Monitor System (LNMS) and describes the detail design of each module of LNMS. LNMS is made of log receiver, log processor, report engine, report scheduler, Web Services interface and web application. LNMS is architected by J2EE and Struts. It is excellent in configuration, generality and portability. LNMS web application module offers reports about network traffic and attacks to final users. And LNMS is integrated with existed network management system through Web Services interface. Finally, the article analyzes the performance of LNMS and summarizes the flow of development in software engineer opinion. |
PDF Full Text Request