REAL-TIME PUSH API FOR LOG EVENTS IN ENTERPRISE THREAT DETECTION
First Claim
1. A computer-implemented method, comprising:
receiving a log entry at a streaming component of an enterprise threat detection (ETD) system from a real-time push application programming interface (API) associated with a backend computing system;
parsing the log entry using a runtime parser associated with the streaming component into mapped data in an ETD format compatible with the ETD system;
transferring the mapped data to an ETD streaming project for enrichment;
enriching the mapped data as enriched data; and
writing, using the streaming component, the enriched data into a database associated with the ETD system.
1 Assignment
0 Petitions
Abstract
A log entry is received at a streaming component of an enterprise threat detection (ETD) system from a real-time push application programming interface (API) associated with a backend computing system. The received log entry is parsed using a runtime parser associated with the streaming component into mapped data in an ETD format compatible with the ETD system. The mapped data is transferred to an ETD streaming project and enriched. The streaming component writes the enriched data into a database associated with the ETD system.
33 Citations
20 Claims
1. A computer-implemented method, comprising:
receiving a log entry at a streaming component of an enterprise threat detection (ETD) system from a real-time push application programming interface (API) associated with a backend computing system;
parsing the log entry using a runtime parser associated with the streaming component into mapped data in an ETD format compatible with the ETD system;
transferring the mapped data to an ETD streaming project for enrichment;
enriching the mapped data as enriched data; and
writing, using the streaming component, the enriched data into a database associated with the ETD system.
Dependent claims: 2, 3, 4, 5, 6, 7.

8. A non-transitory, computer-readable medium storing one or more instructions executable by a computer system to perform operations comprising:
receiving a log entry at a streaming component of an enterprise threat detection (ETD) system from a real-time push application programming interface (API) associated with a backend computing system;
parsing the log entry using a runtime parser associated with the streaming component into mapped data in an ETD format compatible with the ETD system;
transferring the mapped data to an ETD streaming project for enrichment;
enriching the mapped data as enriched data; and
writing, using the streaming component, the enriched data into a database associated with the ETD system.
Dependent claims: 9, 10, 11, 12, 13, 14.

15. A computer-implemented system, comprising:
a computer memory; and
a hardware processor interoperably coupled with the computer memory and configured to perform operations comprising:
receiving a log entry at a streaming component of an enterprise threat detection (ETD) system from a real-time push application programming interface (API) associated with a backend computing system;
parsing the log entry using a runtime parser associated with the streaming component into mapped data in an ETD format compatible with the ETD system;
transferring the mapped data to an ETD streaming project for enrichment;
enriching the mapped data as enriched data; and
writing, using the streaming component, the enriched data into a database associated with the ETD system.
Dependent claims: 16, 17, 18, 19, 20.
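The five steps the independent claims recite (receive a pushed log entry, parse it with a runtime parser into a mapped ETD record, hand it to a streaming project for enrichment, write the enriched record to the ETD database) are shown end to end below. This is an added illustration, not code from the patent or from any ETD product: the ETD schema, the backend field names, the field map, the enrichment lookups and the use of an in-memory SQLite database are all assumptions made for the example. Malformed pushed entries are rejected rather than partially stored, and log content only ever reaches SQL through bound parameters.

```python
import json
import sqlite3
from dataclasses import dataclass, asdict, fields
from datetime import datetime
from typing import Dict, List, Optional

# Constructed raw log entries as a backend system might push them over the API.
# Field names and values are assumptions for this example, not a product format.
SAMPLE_PUSH_PAYLOADS = [
    json.dumps({"sys": "ERP-PRD", "ts": "2024-05-01T10:15:30Z", "evt": "LOGIN_FAILED",
                "usr": "jdoe", "ip": "10.0.0.25"}),
    json.dumps({"sys": "ERP-PRD", "ts": "2024-05-01T10:15:31Z", "evt": "LOGIN_OK",
                "usr": "svc_backup", "ip": "203.0.113.7"}),
    # Malformed on purpose: the user field is missing, so the parser must reject it.
    json.dumps({"sys": "ERP-PRD", "ts": "2024-05-01T10:15:32Z", "evt": "ROLE_CHANGE",
                "ip": "10.0.0.9"}),
]

# Runtime mapping from this backend's field names to the (assumed) ETD schema.
ERP_FIELD_MAP = {"sys": "source_system", "ts": "timestamp", "evt": "event_type",
                 "usr": "user", "ip": "client_ip"}


@dataclass
class EtdEvent:
    """Normalized record in the ETD-compatible format (schema is an assumption)."""
    source_system: str
    timestamp: str
    event_type: str
    user: str
    client_ip: str
    user_role: str = ""      # filled by enrichment
    network_zone: str = ""   # filled by enrichment
    severity: int = 0        # filled by enrichment


class RuntimeParser:
    """Maps raw backend fields onto the ETD schema using a mapping supplied at
    runtime, so onboarding a new backend needs configuration, not code."""

    def __init__(self, field_map: Dict[str, str]):
        self.field_map = field_map

    def parse(self, raw_entry: str) -> EtdEvent:
        raw = json.loads(raw_entry)
        # Only mapped fields are copied, so unexpected keys never reach the store.
        mapped = {etd: raw[src] for src, etd in self.field_map.items()}
        # Validate the timestamp (explicit offset keeps this working on Python < 3.11).
        datetime.fromisoformat(mapped["timestamp"].replace("Z", "+00:00"))
        return EtdEvent(**mapped)


# Constructed enrichment lookups standing in for directory / asset data.
USER_DIRECTORY = {"jdoe": "finance-analyst", "svc_backup": "service-account"}
SEVERITY_BY_EVENT = {"LOGIN_FAILED": 3, "LOGIN_OK": 1, "ROLE_CHANGE": 4}


def enrich(event: EtdEvent) -> EtdEvent:
    """The 'ETD streaming project' step: add context the raw log lacks."""
    event.user_role = USER_DIRECTORY.get(event.user, "unknown")
    event.network_zone = "internal" if event.client_ip.startswith("10.") else "external"
    event.severity = SEVERITY_BY_EVENT.get(event.event_type, 2)
    return event


class StreamingComponent:
    """Receives pushed entries, parses, enriches and writes them to the ETD database."""

    def __init__(self, parser: RuntimeParser, conn: sqlite3.Connection):
        self.parser = parser
        self.conn = conn
        self.rejected = 0
        cols = ", ".join(f.name for f in fields(EtdEvent))
        self.conn.execute(f"CREATE TABLE IF NOT EXISTS etd_events ({cols})")

    def on_push(self, raw_entry: str) -> Optional[EtdEvent]:
        try:
            event = self.parser.parse(raw_entry)
        except (KeyError, ValueError, TypeError):
            self.rejected += 1   # fail closed: malformed entries are counted and dropped
            return None
        event = enrich(event)
        row = asdict(event)      # same column order as the CREATE TABLE above
        placeholders = ", ".join(f":{k}" for k in row)
        # Bound parameters: log content is attacker-influenced and never goes into SQL text.
        self.conn.execute(f"INSERT INTO etd_events VALUES ({placeholders})", row)
        self.conn.commit()
        return event


def run_pipeline(payloads: List[str]):
    """Run pushed payloads through an in-memory ETD database; returns (component, stored rows)."""
    conn = sqlite3.connect(":memory:")
    component = StreamingComponent(RuntimeParser(ERP_FIELD_MAP), conn)
    for payload in payloads:
        component.on_push(payload)
    rows = conn.execute(
        "SELECT user, user_role, network_zone, severity FROM etd_events ORDER BY timestamp"
    ).fetchall()
    return component, rows


if __name__ == "__main__":
    comp, stored = run_pipeline(SAMPLE_PUSH_PAYLOADS)
    for r in stored:
        print(r)
    print("rejected:", comp.rejected)
```

The field map is the part that corresponds to the claims' "runtime parser": it is data, so a new backend with different field names is onboarded by supplying a new map rather than shipping a new parser, and anything the map does not mention is silently discarded before it can reach the database.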
Specification