Computer-implemented method and system for security event transport using a message bus
First Claim
Patent Images
1. A computer device for security event transport using a message bus, comprising:
- a message bus comprising a transient queue provided in a local memory on the computer device and having a first plurality of channels, a durable queue provided in one or more files stored on the computer device and having a second plurality of channels, and a persistent queue provided in a database communicatively coupled to the computer device and having a third plurality of channels;
a receiver unit configured to receive a plurality of security events from a plurality of publishers communicatively coupled to the computer device;
a queue unit configured to queue the plurality of security events received from the plurality of publishers in the message bus, wherein the queue unit includes a processor further configured to;
queue a first subset of the plurality of security events within one or more of the first plurality of channels in the transient queue, wherein the processor clears the first subset of the plurality of security events from the local memory that provides the transient queue in response to determining that one or more tasks running on the message bus have terminated;
queue a second subset of the plurality of security events within one or more of the second plurality of channels in the durable queue, wherein the processor recovers the second subset of the plurality of security events from the one or more files that provide the durable queue in response to determining that the one or more tasks running on the message bus have failed; and
queue a third subset of the plurality of security events within one or more of the third plurality of channels in the persistent queue, wherein the processor removes the third subset of the plurality of security events from the database that provides the persistent queue in response to determining that one or more predetermined events have occurred; and
a transport unit configured to transport the plurality of security events queued in the message bus to a plurality of subscribers, wherein the transport unit transports the first subset of the plurality of security events queued in the transient queue to a first subset of the plurality of subscribers, transports the second subset of the plurality of security events queued in the durable queue to a second subset of the plurality of subscribers, and transports the third subset of the plurality of security events queued in the persistent queue to a third subset of the plurality of subscribers.
8 Assignments
0 Petitions
Accused Products
Abstract
A computer-implemented device provides security events from publishers to subscribers. There is provided a message bus, configured to contain a plurality of security events. Also provided is a receiver unit, responsive to a plurality of publishers, to receive the plurality of security events from the publishers. There is also a queue unit, responsive to receipt of the security events, to queue the plurality of security events in the message bus. Also, there is a transport unit, responsive to the security events in the message bus, to transport the plurality of security events in the message bus to a plurality of subscribers.
-
Citations
27 Claims
-
1. A computer device for security event transport using a message bus, comprising:
-
a message bus comprising a transient queue provided in a local memory on the computer device and having a first plurality of channels, a durable queue provided in one or more files stored on the computer device and having a second plurality of channels, and a persistent queue provided in a database communicatively coupled to the computer device and having a third plurality of channels; a receiver unit configured to receive a plurality of security events from a plurality of publishers communicatively coupled to the computer device; a queue unit configured to queue the plurality of security events received from the plurality of publishers in the message bus, wherein the queue unit includes a processor further configured to; queue a first subset of the plurality of security events within one or more of the first plurality of channels in the transient queue, wherein the processor clears the first subset of the plurality of security events from the local memory that provides the transient queue in response to determining that one or more tasks running on the message bus have terminated; queue a second subset of the plurality of security events within one or more of the second plurality of channels in the durable queue, wherein the processor recovers the second subset of the plurality of security events from the one or more files that provide the durable queue in response to determining that the one or more tasks running on the message bus have failed; and queue a third subset of the plurality of security events within one or more of the third plurality of channels in the persistent queue, wherein the processor removes the third subset of the plurality of security events from the database that provides the persistent queue in response to determining that one or more predetermined events have occurred; and a transport unit configured to transport the plurality of security events queued in the message bus to a plurality of subscribers, wherein the transport unit transports the first subset of the plurality of security events queued in the transient queue to a first subset of the plurality of subscribers, transports the second subset of the plurality of security events queued in the durable queue to a second subset of the plurality of subscribers, and transports the third subset of the plurality of security events queued in the persistent queue to a third subset of the plurality of subscribers. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
-
-
10. A computer-implemented method for security event transport using a message bus, comprising:
-
providing a message bus on a computer device, wherein the message bus comprises a transient queue provided in a local memory on the computer device and having a first plurality of channels, a durable queue provided in one or more files stored on the computer device and having a second plurality of channels, and a persistent queue provided in a database communicatively coupled to the computer device and having a third plurality of channels; receiving, at a receiver unit communicatively coupled to the computer device, a plurality of security events from a plurality of publishers; queuing, by a queue unit, a first subset of the plurality of security events within one or more of the first plurality of channels in the transient queue, wherein the queue unit clears the first subset of the plurality of security events from the transient queue in response to determining that one or more tasks running on the message bus have terminated; queuing, by the queue unit, a second subset of the plurality of security events within one or more of the second plurality of channels in the durable queue, wherein the queue unit recovers the second subset of the plurality of security events from the one or more files that provide the durable queue in response to determining that the one or more tasks running on the message bus have failed; queuing, by the queue unit, a third subset of the plurality of security events within one or more of the third plurality of channels in the persistent queue, wherein the queue unit removes the third subset of the plurality of security events from the database that provides the persistent queue in response to determining that one or more predetermined events have occurred; and transporting, by a transport unit, the plurality of security events queued in the message bus to a plurality of subscribers, wherein the transport unit transports the first subset of the plurality of security events queued in the transient queue to a first subset of the plurality of subscribers, transports the second subset of the plurality of security events queued in the durable queue to a second subset of the plurality of subscribers, and transports the third subset of the plurality of security events queued in the persistent queue to a third subset of the plurality of subscribers. - View Dependent Claims (11, 12, 13, 14, 15, 16, 17, 18)
-
-
19. A non-transitory computer readable medium comprising computer-executable instructions for security event transport using a message bus, wherein executing the computer-executable instructions on a computer device causes the computer device to:
-
provide a message bus on the computer device, wherein the message bus comprises a transient queue provided in a local memory on the computer device and having a first plurality of channels, a durable queue provided in one or more files stored on the computer device and having a second plurality of channels, and a persistent queue provided in a database communicatively coupled to the computer device and having a third plurality of channels; receive, at a receiver unit communicatively coupled to the computer device, a plurality of security events from a plurality of publishers; queue, by a queue unit, a first subset of the plurality of security events within one or more of the first plurality of channels in the transient queue, wherein the queue unit clears the first subset of the plurality of security events from the transient queue in response to determining that one or more tasks running on the message bus have terminated; queue, by the queue unit, a second subset of the plurality of security events within one or more of the second plurality of channels in the durable queue, wherein the queue unit recovers the second subset of the plurality of security events from the one or more files that provide the durable queue in response to determining that the one or more tasks running on the message bus have failed; queue, by the queue unit, a third subset of the plurality of security events within one or more of the third plurality of channels in the persistent queue, wherein the queue unit removes the third subset of the plurality of security events from the database that provides the persistent queue in response to determining that one or more predetermined events have occurred; and transport, by a transport unit, the plurality of security events queued in the message bus to a plurality of subscribers, wherein the transport unit transports the first subset of the plurality of security events queued in the transient queue to a first subset of the plurality of subscribers, transports the second subset of the plurality of security events queued in the durable queue to a second subset of the plurality of subscribers, and transports the third subset of the plurality of security events queued in the persistent queue to a third subset of the plurality of subscribers. - View Dependent Claims (20, 21, 22, 23, 24, 25, 26, 27)
-
Specification