SYSTEMS AND METHODS FOR TRACKING AND RECORDING EVENTS IN A NETWORK OF COMPUTING SYSTEMS
Abstract
A security client can be configured to operate on one or more computing systems and record all events occurring on those computing systems. The security client can operate as a “security camera” for the computing systems by identifying and retaining data and information that describes and details different events that occur on the computing systems. The security client can be configured to generate event records for the events that are uniquely associated with the process that requested or performed the event. Likewise, the security client can be configured to uniquely associate the event records with the specific computing system associated with the event.
20 Claims
1. A method for tracking activity on a computing system, the method comprising:
- detecting an event, associated with a process, occurring in the computing system;
- generating, by a processor, an event identifier for the event, wherein the event identifier uniquely identifies the event in the computing system; and
- generating a record for the event, the record comprising the event identifier and details that describe the event.
Dependent claims: 2, 3, 4, 5, 6, 7, 8.
9. A computer readable storage medium comprising instructions that cause a processor to perform a method comprising:
- detecting an event, associated with a process, occurring in the computing system;
- generating an event identifier for the event, wherein the event identifier uniquely identifies the event in the computing system; and
- generating a record for the event, the record comprising the event identifier and details that describe the event.
Dependent claims: 10, 11, 12, 13, 14, 15, 16.
17. A method for computer security, the method comprising:
- receiving at least one event record for an event associated with a process executing on a computing system, wherein the at least one event record comprises an event identifier that uniquely identifies the event in the computing system, details of the event, and a global identifier that uniquely identifies the event and the computing system; and
- storing the at least one event record in a computer readable storage medium.
Dependent claims: 18, 19, 20.
Specification