High-performance Syslog processing and storage method

A high-performance log processing technology, applied in digital transmission systems, electrical components, transmission systems, etc. It addresses poor query performance, low query efficiency, and inconvenient log query and analysis, and it improves storage efficiency.

Active Publication Date: 2007-12-12
QI-ANXIN LEGENDSEC INFORMATION TECH (BEIJING) INC

AI Technical Summary

Problems solved by technology

[0006] Log files are stored quickly and are easy to manage, but their query performance is poor. Because there is no index, query efficiency is relatively low, and it is inconvenient to query and analyze the logs.


Embodiment Construction

[0066] The technical scheme of the present invention is applied in a security audit system, where it handles the system's log processing. Because the user's system is a department's national backbone network with a large number of daily visits, the volume of log data is huge: the peak log rate can exceed 6,000 records per second, and the total log data can reach 50G per day. In this security audit system, the user installs the Japan-China audit software, which is responsible for auditing two gigabit firewalls, two backbone network routers, and four layer-3 switches. The basic configuration of the log audit system is as follows:

[0067] hardware:

[0068] CPU: 4 Intel Xeon processors

[0069] Memory: 4G

[0070] software:

[0071] Windows 2003 Enterprise Server

[0072] By adopting the technical scheme of the invention, the work of receiving and processing logs can be successfully completed without crashes and unreceived sit...


Abstract

The invention is a high-performance Syslog log processing and storage method with the following steps:

(1) Receiving logs: the log server software receives syslog data messages on a bound UDP port (514) in a separately running thread, turns each data message into an instance of a syslog data class, and writes that instance into the log buffer.

(2) Log buffer: the log buffer temporarily stores the received syslog log data.

(3) Log normalization: a separate thread checks the head of the log buffer. If the buffer holds new data, the data is extracted from the buffer queue, the log is normalized according to the field description information in the log normalization configuration file, and the log storage module is called to store the log in a uniform format.

(4) Log storage: a storage thread pool writes the normalized logs to log storage files. Each thread is responsible for writing log data to one file, and several threads can write logs to different directories and disks, which improves storage efficiency.

The technical scheme adopts asynchronous log processing and concurrent log storage. The two stages follow on from each other and reconcile the problems of log volume and log concurrency, use time to change time, and greatly improve log processing capability.
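The four steps of the abstract, wired together in Python as an added example (not code from the patent): a receive thread, a bounded buffer, a normalizer thread, and a pool of writers that each own one file. The regex standing in for the normalization configuration file, the JSON-lines output, the round-robin dispatch and all names are assumptions, and the socket binds an ephemeral loopback port instead of UDP 514 so the example runs unprivileged.

```python
import json, os, queue, re, socket, threading

# Assumed stand-in for the normalization config file: RFC 3164-style fields.
FIELDS = re.compile(r"<(?P<pri>\d{1,3})>(?P<ts>\w{3} [ \d]\d \d\d:\d\d:\d\d) "
                    r"(?P<host>\S+) (?P<msg>.*)", re.S)
STOP = object()                       # sentinel that shuts a stage down
SAMPLE = [b"<34>Oct 11 22:14:15 fw1 deny tcp 10.0.0.5:4431 -> 10.0.0.9:22",
          b"<190>Oct 11 22:14:16 rtr1 link up", b"no priority header\n"]  # constructed

def receive(sock, buf, count):        # step 1: thread that only enqueues
    try:
        for _ in range(count):
            data, addr = sock.recvfrom(8192)
            buf.put((addr[0], data))  # step 2: bounded buffer absorbs bursts
    finally:                          # also reached on socket timeout
        buf.put(STOP)

def normalize(src, raw):              # step 3: raw message -> uniform record
    text = raw.decode("utf-8", "replace").rstrip("\r\n\x00")
    m = FIELDS.match(text)
    if not m or (pri := int(m["pri"])) > 191:  # malformed: kept, but flagged
        return {"src": src, "parsed": False, "msg": text}
    return {"src": src, "parsed": True, "facility": pri >> 3,
            "severity": pri & 7, "ts": m["ts"], "host": m["host"], "msg": m["msg"]}

def normalizer(buf, writer_queues):   # step 3 thread: drain buffer, fan out
    for n, (src, raw) in enumerate(iter(buf.get, STOP)):
        writer_queues[n % len(writer_queues)].put(normalize(src, raw))
    for q in writer_queues:
        q.put(STOP)

def writer(q, path):                  # step 4: one thread owns one file
    with open(path, "a", encoding="utf-8") as f:
        for rec in iter(q.get, STOP):
            f.write(json.dumps(rec) + "\n")

def run_pipeline(datagrams, out_dirs):  # all stages over loopback UDP
    buf, qs = queue.Queue(maxsize=10000), [queue.Queue() for _ in out_dirs]
    paths = [os.path.join(d, "syslog.jsonl") for d in out_dirs]
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as sock:
        sock.bind(("127.0.0.1", 0))   # the method itself binds UDP port 514
        sock.settimeout(5)
        jobs = [(receive, (sock, buf, len(datagrams))), (normalizer, (buf, qs))]
        jobs += [(writer, a) for a in zip(qs, paths)]
        threads = [threading.Thread(target=f, args=a) for f, a in jobs]
        for t in threads: t.start()
        with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as client:
            for d in datagrams: client.sendto(d, sock.getsockname())
        for t in threads: t.join()
    return paths
```

Because each writer owns its file, no file-level locking is needed. The `src` field is the UDP source address, which syslog over UDP does not authenticate, so an audit system should not treat it as proof of origin.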

Description

Technical field

[0001] The invention relates to a high-performance Syslog log processing and storage method. It belongs to computer system integration and application technology, and in particular to syslog log processing and storage technology in network information security.

Background technique

[0002] As network environments grow in scale, the number of devices in the network has increased sharply, and security problems and attacks from outside and inside have also increased sharply, threatening the security of network information. Security audits have therefore become extremely important. A device's log records detailed information such as the operating status of the device and the operations performed by its users. In the current network environment, the logs of the various devices have become massive data. As the main log type, syslog is widely supported by various operating systems, network devices and security device...


Application Information

Patent Type & Authority: Applications (China)
IPC(8): H04L12/24, H04L29/02
Inventor: 文华朱震王新华
Owner: QI-ANXIN LEGENDSEC INFORMATION TECH (BEIJING) INC