×

Modular agent for network security intrusion detection system

  • US 8,230,507 B1
  • Filed: 06/01/2010
  • Issued: 07/24/2012
  • Est. Priority Date: 12/02/2002
  • Status: Expired due to Term
First Claim
Patent Images

1. A computer-implemented method comprising:

  • parsing an event that was generated by a first device;

    creating a normalized event based on the parsed event;

    accessing a first machine-readable medium encoded with a plurality of software modules, wherein each software module is configured to receive a normalized event, to modify the normalized event, and to output the modified normalized event;

    modifying the normalized event using a set of software modules, wherein the set of software modules comprises two or more software modules of the plurality of software modules and does not comprise all of the plurality of software modules; and

    transmitting the modified normalized event to a second device;

    wherein a configuration file indicates which software modules of the plurality of software modules are in the set of software modules, and wherein the configuration file is stored on a second machine-readable medium.

View all claims
  • 4 Assignments
Timeline View
Assignment View
    ×
    ×