Processing data from the audit log in the Security event monitoring systems

Kharuk R.V.

In article methods and algorithms of data processing about safety events in system of monitoring of events of safety are developed, the new universal format for representation of events of auditing system is offered. The new structure will allow implementing data presentation of widespread auditing systems in the formalized kind convenient for the further processing and the automatic analysis. It promotes acceleration of data processing of events. At processing the accessory of each event to classes of events is defined. The given decision allows allocating the most dangerous (a class of events-alarms) from all events that, in turn, facilitates all process of the analysis.


Full text (pdf)