High-performance Syslog processing and storage method

A high-performance, log technology, applied in digital transmission systems, electrical components, transmission systems, etc., can solve problems such as poor query performance, low query efficiency, inconvenient log query and analysis, and achieve the effect of improving storage efficiency
CN101087210AActive Publication Date: 2007-12-12QI-ANXIN LEGENDSEC INFORMATION TECH (BEIJING) INC
0 Cites 89 Cited by

Patent Information

Authority / Receiving Office
CN ยท China
Patent Type
Applications(China)
Current Assignee / Owner
QI-ANXIN LEGENDSEC INFORMATION TECH (BEIJING) INC
Publication Date
2007-12-12

Smart Images

  • Figure 1
    Figure 1
  • Figure 2
    Figure 2
Patent Text Reader

Abstract

The invention is high performance Syslog log processing and storing method, and the steps are: (1) receiving log: log sever software receives the syslog data message by separated thread running method via bound UDP port (514), and the data message is generated into data class of syslog, and the data class of syslog is written in log buffer; (2) log buffer: the log buffer takes charge of storing the received syslog log data temporarily; (3) log normalization processing: detects the head of log buffer by separated thread, if the log buffer has new data, and the data will be extracted from buffer queue, and log will execute normalization processing according to field description information of log normalization configuring file, and call the log storing module to store the log as uniform format; (4) log storage: using the storing thread pool to write said normalization log on log storage file, every thread takes charge of writing log data in one file, and several threads can write the logs in different directories and discs, and improve the storing efficiency. The technical schedule adopts asynchronies log processing and intercurrent log storage technique, and two taches can inherit each other and coordinates the problems of log amount and log inercurrent amount, and use time to change time, and improve the log processing ability greatly.
Need to check novelty before this filing date? Find Prior Art

Description

technical field

[0001] The invention relates to a high-performance Syslog log processing and storage method, which relates to computer system integration and application technology, and in particular to the syslog log processing and storage technology in network information security. Background technique

[0002] With the increasing scale of the network environment, the number of various devices in the network has increased sharply, and various security and attacks from the outside and inside have also increased sharply, threatening the security of network information. Therefore, security audits have become extremely important. The log of the device records detailed information such as the operating status of the device, the operations performed by various users, and so on. In the current network environment, the logs of various devices have become massive data. As the main log type, syslog is widely supported by various operating systems, network devices and security device...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More