Directing Audited Data Traffic to Specific Repositories
Abstract
Data traffic is monitored on a network with data access elements thereof collected and compared to security rules. An audit data collection is sent to a repository responsive to data access elements matching a condition of the security rules, where security rules having the condition designate the audit data collection and repository. A tag to data traffic is applied responsive to the matching condition. Comparing of collected data access elements to the corresponding security rules having the matching condition is discontinued responsive to applying the tag. The tag indicates a repository and the data traffic includes a connection and session. An audit data collection is sent to the repository indicated by the tag for a data access responsive to the tag in the tagged data traffic. The method continues sending audit data for future data accesses in the tagged data traffic without comparing to the corresponding security rules again.
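The rule matching, per-rule repository routing and session tagging described in the abstract, shown as an added Python example (not code from the patent). The rule names, repository names, field names and the per-session tag store are assumptions made for illustration, and the traffic is constructed sample data.

```python
from dataclasses import dataclass, field
from typing import Callable

@dataclass
class Rule:
    name: str
    condition: Callable[[dict], bool]  # predicate over data access elements
    collection: tuple                  # elements forming the audit data collection
    repository: str                    # repository this rule designates

@dataclass
class Auditor:
    rules: list
    repositories: dict = field(default_factory=dict)  # repository -> audit records
    tags: dict = field(default_factory=dict)          # session id -> tagged rule names
    comparisons: int = 0                              # rule evaluations performed

    def _send(self, rule, access):
        record = {key: access.get(key) for key in rule.collection}
        self.repositories.setdefault(rule.repository, []).append(record)

    def observe(self, access):
        tagged = self.tags.setdefault(access["session"], set())
        for rule in self.rules:
            if rule.name not in tagged:
                self.comparisons += 1
                if not rule.condition(access):
                    continue
                tagged.add(rule.name)  # tag the session; this rule is not compared again
            self._send(rule, access)   # matched just now, or tagged by an earlier access

RULES = [  # hypothetical rules: each designates its own collection and repository
    Rule("pci", lambda a: a["object"] == "payments",
         ("session", "user", "object", "sql"), "pci_repo"),
    Rule("privileged", lambda a: a["user"] == "dba",
         ("session", "user", "client_ip", "sql"), "privileged_repo"),
]

def access(session, user, obj):  # builds one constructed data access
    return {"session": session, "user": user, "client_ip": "10.0.0.5",
            "object": obj, "sql": f"SELECT * FROM {obj}"}

# Constructed sample traffic: two sessions, five data accesses.
TRAFFIC = [access("s1", "app", "catalog"), access("s1", "app", "payments"),
           access("s1", "app", "catalog"), access("s2", "dba", "catalog"),
           access("s2", "dba", "payments")]

def run_demo():
    auditor = Auditor(RULES)
    for item in TRAFFIC:
        auditor.observe(item)
    return auditor
```

In this run the third access of session `s1` reaches `pci_repo` even though it no longer touches `payments`, because the tag alone routes it; auditors reviewing such a design should expect tagged sessions to be recorded more broadly than the rule condition itself.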
20 Claims
1. A computer-implemented method for auditing data traffic, the computer-implemented process comprising:
- monitoring data traffic on a network and collecting data access elements thereof;
- comparing the collected data access elements to security rules;
- sending a first audit data collection to a first repository in response to one or more data access elements of a first data access matching a first condition of one of the security rules, wherein the one of the security rules having the first condition designates the first audit data collection and the first repository; and
- sending a second audit data collection to a second repository in response to one or more data access elements of a second data access matching a second condition of one of the security rules, wherein the one of the security rules having the second condition designates the second audit data collection and the second repository.

Dependent claims: 2, 3, 4, 5, 6, 7
8. A system comprising:
- at least one computing processor; and
- a computer-readable storage media connected to the at least one computing processor, wherein the computer-readable storage media has stored thereon a data-traffic auditing program for controlling the at least one computing processor, and wherein the at least one computing processor is operative with the program to execute the program to:
  - monitor data traffic on a network and collecting data access elements thereof;
  - compare the collected data access elements to security rules;
  - send a first audit data collection to a first repository in response to one or more data access elements of a first data access matching a first condition of one of the security rules, wherein the one of the security rules having the first condition designates the first audit data collection and the first repository; and
  - send a second audit data collection to a second repository in response to one or more data access elements of a second data access matching a second condition of one of the security rules, wherein the one of the security rules having the second condition designates the second audit data collection and the second repository.

Dependent claims: 9, 10, 11, 12, 13, 14
15. A computer program product for auditing data traffic, the computer program product comprising:
- a computer-readable storage medium; and
- computer-readable program code embodied in the computer-readable storage medium, wherein the computer-readable program code is configured to cause at least one computing processor to:
  - monitor data traffic on a network and collecting data access elements thereof;
  - compare the collected data access elements to security rules;
  - send a first audit data collection to a first repository in response to one or more data access elements of a first data access matching a first condition of one of the security rules, wherein the one of the security rules having the first condition designates the first audit data collection and the first repository; and
  - send a second audit data collection to a second repository in response to one or more data access elements of a second data access matching a second condition of one of the security rules, wherein the one of the security rules having the second condition designates the second audit data collection and the second repository.

Dependent claims: 16, 17, 18, 19, 20
Specification