
Audit log data processing method and system

A data processing method, applied in the field of network security, that addresses problems such as low database query efficiency, with the effects of improving data processing efficiency, improving query efficiency, and saving system resources.

Inactive Publication Date: 2019-11-01
西安交大捷普网络科技有限公司

AI Technical Summary

Problems solved by technology

[0005] In order to solve the low database query efficiency of the existing SOC products described above, the present invention aims to provide a technical solution combining the Esper engine and Memcached which, by indirectly realizing the separation of reading and writing of the original table, improves the query efficiency of data, also improved stats


Embodiment Construction

[0042] In order to facilitate understanding of the technical solutions of the embodiments of the present invention, two existing solutions that are often used to improve database query efficiency are listed.

[0043] Option 1: MongoDB replaces temporary tables

[0044] Using MongoDB as a substitute for temporary tables can improve the speed of data insertion and query retrieval, reduce the pressure on the MySQL database, and transfer statistical queries to MongoDB. After several experiments, the test data shown in the following table were obtained:

[0045]

[0046] It can be seen that after using MongoDB, the writing speed is very fast, and the total-count queries and paginated retrieval are also very fast, basically in line with expectations. However, observing the disk usage and memory usage shows that as the amount of data stored in the database increases, the disk space and memory space occupied increase linearly, whic...


Abstract

The invention aims to provide an audit log data processing method and system. The method comprises the steps of: building a temporary table, with the write operations of the temporary table executed by the MyISAM engine; after audit log data is collected, storing the audit log data only in the temporary table, and keeping only data of a first duration in the temporary table; setting a data cleaning strategy of a second duration for the temporary table; adding a trigger to the temporary table, and regularly executing a synchronization operation between the temporary table and the original table; and cancelling statistics of all operations of the temporary table. With the technical scheme of combining the Esper engine and Memcached, read-write separation of the original table is indirectly achieved, the data query efficiency is improved, and at the same time data statistics is improved.

Description

Technical field

[0001] The invention belongs to the technical field of network security, and in particular relates to a data processing method and system for improving the query efficiency of an audit log database.

Background technique

[0002] The information security integrated centralized management system (SOC, security operation center) is a centralized platform for information exchange, information storage, and information processing, which can conduct unified control and management of various resources in the IT environment. It uses a variety of technologies and means to collect and integrate various security events and IT asset alarms, organizes independent resources and applications into a whole, realizes in-depth analysis and risk identification of events and alarms, and provides a variety of security response and recovery means, so as to achieve efficient and comprehensive network security monitoring, auditing, measurement and operation and maintenance, and meet the cent...

Application Information

Patent Type & Authority: Applications (China)
IPC(8): G06F16/18, G06F16/2455, G06F16/27
CPC: G06F16/1815, G06F16/24552, G06F16/27
Inventor: 王平, 何建锋, 郭增晖
Owner: 西安交大捷普网络科技有限公司