Systems and methods for minimizing security logs
Abstract
A method and system for consolidating a computer security log includes providing a security log including information pertaining to security events on a computer system, the log including entries specifying at least information identifying a relative time each event occurred and information identifying a type of each event, determining from the log a number of times a particular type of event occurred during a specified time period and creating a consolidated log including for each entry at least information identifying a first time that the particular type of event occurred during the specified time period, information identifying the type of the particular event and information indicating a number of times the particular type of event occurred during the specified time period.
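The consolidation described in the abstract, sketched as an added example (not code from the patent). The `Event` and `Consolidated` types, the event type names, the use of seconds as the relative time unit, and fixed windows aligned to multiples of the period are all assumptions made for illustration.

```python
from typing import Iterable, List, NamedTuple


class Event(NamedTuple):
    time: int   # relative time of the event (seconds assumed)
    type: str   # identifier for the type of event


class Consolidated(NamedTuple):
    first_time: int  # first time this type occurred in the period
    type: str        # type of the event
    count: int       # number of occurrences in the period


def consolidate(events: Iterable[Event], period: int) -> List[Consolidated]:
    """Collapse a log into one entry per (time period, event type)."""
    if period <= 0:
        raise ValueError("period must be positive")
    buckets = {}
    for ev in events:
        # Assumption: periods are fixed windows [k*period, (k+1)*period).
        key = (ev.time // period, ev.type)
        if key in buckets:
            first, count = buckets[key]
            # min() keeps the true first occurrence even if the log is unordered.
            buckets[key] = (min(first, ev.time), count + 1)
        else:
            buckets[key] = (ev.time, 1)
    rows = [Consolidated(first, typ, count)
            for (_, typ), (first, count) in buckets.items()]
    return sorted(rows, key=lambda r: (r.first_time, r.type))


# Constructed sample log; the type names are hypothetical.
SAMPLE_LOG = [
    Event(3, "LOGIN_FAILED"),
    Event(5, "LOGIN_FAILED"),
    Event(9, "PORT_SCAN"),
    Event(41, "LOGIN_FAILED"),
    Event(62, "LOGIN_FAILED"),
    Event(58, "PORT_SCAN"),    # written out of order on purpose
    Event(75, "LOGIN_FAILED"),
]

if __name__ == "__main__":
    for row in consolidate(SAMPLE_LOG, period=60):
        print(row.first_time, row.type, row.count)
```

Seven raw entries collapse to three; the count preserves how often each type fired, but the individual timestamps after the first are lost, which matters if the consolidated log is the only copy kept for later investigation.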
21 Claims
1. A method for consolidating a computer security log, comprising:
- providing a security log including information pertaining to security events on a computer system, the log including entries specifying at least information identifying a relative time each event occurred and information identifying a type of each event;
- determining from the log a number of times a particular type of event occurred during a specified time period; and
- creating a consolidated log including for each entry at least information identifying a first time that the particular type of event occurred during the specified time period, information identifying the type of the particular event and information indicating a number of times the particular type of event occurred during the specified time period.
Dependent claims: 2, 3, 4, 5, 6, 7
8. A programmed computer for consolidating at least one computer security log, comprising:
- a system for providing a security log including information pertaining to security events on a computer system, the log including entries specifying at least information identifying a relative time each event occurred and information identifying a type of each event;
- a system for determining from the log a number of times a particular type of event occurred during a specified time period; and
- a system for creating a consolidated log including for each entry at least information identifying a first time that the particular type of event occurred during the specified time period, information identifying the type of the particular event and information indicating a number of times the particular type of event occurred during the specified time period.
Dependent claims: 9, 10, 11, 12, 13, 14
15. A computer recording medium including computer executable code for consolidating a computer security log, comprising:
- code for providing a security log including information pertaining to security events on a computer system, the log including entries specifying at least information identifying a relative time each event occurred and information identifying a type of each event;
- code for determining from the log a number of times a particular type of event occurred during a specified time period; and
- code for creating a consolidated log including for each entry at least information identifying a first time that the particular type of event occurred during the specified time period, information identifying the type of the particular event and information indicating a number of times the particular type of event occurred during the specified time period.
Dependent claims: 16, 17, 18, 19, 20, 21
Specification