System and method for the collection and transmission of log data over a wide area network

US 20050114706A1
Filed: 07/23/2004
Published: 05/26/2005
Est. Priority Date: 11/26/2003
Status: Abandoned Application

First Claim

Patent Images

1. A method for processing log data from a log-producing device comprising:

receiving in a log data analyzer raw log data from a log-producing device;

collecting the raw log data into sets of raw log data;

sending a set of raw log data from the log data analyzer to a remote raw log server over a wide area network; and

, storing the raw log data in a database maintained by the raw log server.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system and method is disclosed for collecting, storing and reporting raw log data from log-producing devices such as firewalls and routers. The log-producing devices may be both local and remote—i.e., linked to a raw log server via a LAN and/or a WAN. A log data analyzer at a remote location gathers log data from devices at that remote location into time-defined sets and then sends those sets over a WAN (which may be the Internet) to a raw log server using a first protocol. Local log-producing devices may send their log data to the log data analyzer via a LAN using a second protocol. The log data analyzer forwards the raw log data local devices to an appropriate log data analyzer for parsing, summarizing and storage in one or more databases. The raw log server combines local and remote sets of raw log data for a given time period and stores them in a storage area of raw log data. A central management station is used to query the various databases in the system and to merge database reports into a single report for display.

132 Citations

View as Search Results

22 Claims

1. A method for processing log data from a log-producing device comprising:
- receiving in a log data analyzer raw log data from a log-producing device;
  
  collecting the raw log data into sets of raw log data;
  
  sending a set of raw log data from the log data analyzer to a remote raw log server over a wide area network; and
  
  , storing the raw log data in a database maintained by the raw log server.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13)
- - 2. A method for processing log data as recited in claim 1 further comprising encrypting the raw log data prior to sending it over the wide area network.
  - 3. A method for processing log data as recited in claim 1 further comprising compressing the raw log data prior to sending it over the wide area network.
  - 4. A method for processing log data as recited in claim 1 wherein the raw log data is sent over the wide area network using TCP/IP protocol.
  - 5. A method for processing log data as recited in claim 1 wherein the raw log data is sent via a tunnel across a wide area network.
  - 6. A method as recited in claim 5 wherein the wide area network is a public network.
  - 7. A method as recited in claim 6 wherein the public network is the Internet.
  - 8. A method for processing log data as recited in claim 1 wherein sending the raw log data from the log data analyzer is done periodically.
  - 9. A method for processing log data as recited in claim 1 where the sets of raw log data are delimited by time.
  - 10. A method for processing log data as recited in claim 1 further comprising parsing the raw log data in the log data analyzer and storing the parsed raw log data in a database maintained by the log data analyzer.
  - 11. A method for processing log data as recited in claim 10 further comprising summarizing the parsed log data.
  - 12. A method for processing log data as recited in claim 11 wherein the summarizing is performed periodically.
  - 13. A method for processing log data as recited in claim 10 further comprising querying the database maintained by the log data analyzer from a management station in data communication with the log data analyzer over the WAN.

14. A data processing system for providing raw log data to a raw log server located on a remote local area network, the system comprising:
- a first local area network;
  
  a gateway connected to the first local area network for communicating data from the first local area network to the remote local area network;
  
  a log-producing device connected to the first local area network;
  
  a log data analyzer connected to the first local area network and in data communication with the log-producing device over the first local area network and for data communication with the raw log server via the first local area network and the gateway.
- View Dependent Claims (15, 16, 17, 18, 19, 20, 21, 22)
- - 15. A data processing system as recited in claim 14 wherein the log data analyzer is additionally for encrypting log data from the log-producing device.
  - 16. A data processing system as recited in claim 14 wherein the log data analyzer is additionally for compressing log data from the log-producing device.
  - 17. A data processing system as recited in claim 14 wherein the gateway communicates data from the first local area network to the remote local area network using TCP/IP protocol.
  - 18. A data processing system as recited in claim 14 wherein the log data analyzer is for periodic data communication with the raw log server via the first local area network and the gateway.
  - 19. A data processing system as recited in claim 14 wherein the log data analyzer is for collecting time-delimited sets of raw log data from the log-producing device.
  - 20. A data processing system as recited in claim 14 wherein the log data analyzer is for parsing raw log data from the log-producing device and for storing the parsed raw log data in a database maintained by the log data analyzer.
  - 21. A data processing system as recited in claim 20 wherein the log data analyzer is additionally for summarizing the parsed log data.
  - 22. A data processing system as recited in claim 21 wherein the log data analyzer is for periodically summarizing the parsed log data.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Cloud Software Group
Original Assignee
Cloud Software Group
Inventors
DeStefano, Jason Michael, Jenson, Ralph D.

Application Number

US10/897,994
Publication Number

US 20050114706A1
Time in Patent Office

Days
Field of Search
US Class Current

726/4
CPC Class Codes

H04L 43/04   Processing captured monitor...

H04L 43/12   Network monitoring probes

H04L 63/0428   wherein the data content is...

H04L 63/1425   Traffic logging, e.g. anoma...

System and method for the collection and transmission of log data over a wide area network

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

132 Citations

22 Claims

Specification

Solutions

Use Cases

Quick Links

System and method for the collection and transmission of log data over a wide area network

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

132 Citations

22 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links