Method and apparatus for storing and reporting summarized log data
Abstract
A system and method is disclosed for collecting, storing and reporting raw log data from log-producing devices such as firewalls and routers. The log-producing devices may be both local and remote—i.e., linked to a raw log server via a LAN and/or a WAN. A log data analyzer at a remote location gathers log data from devices at that remote location into time-defined sets and then sends those sets over a WAN (which may be the Internet) to a raw log server using a first protocol. Local log-producing devices may send their log data to the log data analyzer via a LAN using a second protocol. The log data analyzer forwards the raw log data from local devices to an appropriate log data analyzer for parsing, summarizing and storage in one or more databases. The raw log server combines local and remote sets of raw log data for a given time period and stores them in a storage area of raw log data. A central management station is used to query the various databases in the system and to merge database reports into a single report for display.
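The parse, summarize, store, query and merge flow described in the abstract and in claim 1, as an added example that is not code from the patent. The log line format, the table schema and the names `LogDataAnalyzer`, `report` and `merged_report` are assumptions, and the sample log lines are constructed.

```python
import re
import sqlite3

# Constructed sample lines for two sites; the format is an assumption.
SITE_A = [
    "2024-05-01T10:02:11Z fw-a action=deny src=203.0.113.7 dst=10.0.0.5 bytes=60",
    "2024-05-01T10:14:40Z fw-a action=deny src=203.0.113.7 dst=10.0.0.9 bytes=60",
    "2024-05-01T10:15:02Z fw-a action=allow src=10.0.0.5 dst=198.51.100.2 bytes=4200",
    "corrupted line without fields",
]
SITE_B = [
    "2024-05-01T10:20:00Z rtr-b action=deny src=203.0.113.7 dst=10.1.0.3 bytes=40",
    "2024-05-01T11:01:09Z rtr-b action=deny src=198.51.100.77 dst=10.1.0.3 bytes=52",
]
LINE_RE = re.compile(r"^(?P<ts>\S+) (?P<dev>\S+) action=(?P<action>\w+) "
                     r"src=(?P<src>\S+) dst=\S+ bytes=(?P<bytes>\d+)$")

class LogDataAnalyzer:
    """Parses raw lines and keeps only per-hour summaries in its own database."""
    def __init__(self):
        self.rejected = 0  # unparseable lines are counted, not silently dropped
        self.db = sqlite3.connect(":memory:")
        self.db.execute("CREATE TABLE summary (hour TEXT, device TEXT, action TEXT,"
                        " src TEXT, events INTEGER, bytes INTEGER,"
                        " PRIMARY KEY (hour, device, action, src))")

    def ingest(self, lines):
        for line in lines:
            m = LINE_RE.match(line.strip())
            if m is None:
                self.rejected += 1
                continue
            self.db.execute(  # one row per (hour, device, action, src) bucket
                "INSERT INTO summary VALUES (?, ?, ?, ?, 1, ?)"
                " ON CONFLICT(hour, device, action, src) DO UPDATE"
                " SET events = events + 1, bytes = bytes + excluded.bytes",
                (m["ts"][:13], m["dev"], m["action"], m["src"], int(m["bytes"])))

    def report(self, action):
        # The management station's value is bound as a parameter, never spliced into SQL.
        return self.db.execute("SELECT src, SUM(events), SUM(bytes) FROM summary"
                               " WHERE action = ? GROUP BY src", (action,)).fetchall()

def merged_report(analyzers, action):
    """Management station: query every analyzer and merge into a single report."""
    totals = {}
    for analyzer in analyzers:
        for src, events, nbytes in analyzer.report(action):
            e, b = totals.get(src, (0, 0))
            totals[src] = (e + events, b + nbytes)
    return sorted(totals.items(), key=lambda kv: -kv[1][0])
```

Because only the summaries are stored in the analyzer's database, a report cannot recover per-event detail such as destination addresses; in the abstract that detail lives in the raw log server's separate storage area.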
8 Claims
1. A method for processing log data comprising:
- receiving raw log data in a log data analyzer;
- parsing the raw log data;
- summarizing the parsed log data;
- storing the summarized data in a database maintained by the log data analyzer;
- receiving a database query from a management station;
- generating a database report in the log data analyzer from the summarized data in response to the query received from the management station; and
- sending the database report to the management station.
Dependent claims: 2, 3, 4.
5. A data processing system for processing log data comprising:
- a management station;
- a log data analyzer connected to the management station via a data communications link and which receives raw log data;
- parses the raw log data;
- summarizes the parsed log data;
- stores the summarized data in a database;
- receives a database query from the management station;
- generates a database report from the summarized data in response to the query received from the management station; and
- sends the database report to the management station.
Dependent claims: 6, 7, 8.
Specification