Adaptable software-based log consolidation and incident management for a security information event management system (AdLCIM)
The Security Information and Event Management (SIEM) system enhances the security management of an organization by storing and analyzing logs coming from different network devices and giving possible recommendations, which can be warnings, notices or alarms. Companies are beginning to invest in SIEM to protect their data and to help network or system administrators monitor the state of their workplace. Many SIEM products focus on security tools and lack log consolidation and incident management solutions. The Adaptable Software-based Log Consolidation and Incident Management (AdLCIM) system is a type of SIEM that works on a typical Local Area Network (LAN) where various network devices report their status to the system. The system is capable of collecting different logs coming from different, identified network devices. It is also capable of standardizing logs into its own format and of consolidating and correlating patterns through its inventories. All resolvable attack logs are event sniped, while non-resolvable logs are flagged as alerts. The system is capable of handling different scenarios with different devices, and test results confirmed successful log analysis. The system, moreover, is capable of running for long durations to verify that it can analyze all the logs coming from different, identified network devices. Overall, the system produced correct and accurate results in verifying log analysis from different network devices under different scenarios.
Main Authors: | Pineda, Justine David G.; Yatco, Roberto F. |
---|---|
Format: | text |
Published: | Animo Repository, 2010 |
Subjects: | Electronic security systems |
Online Access: | https://animorepository.dlsu.edu.ph/etd_bachelors/5310 |
Institution: | De La Salle University |
id | oai:animorepository.dlsu.edu.ph:etd_bachelors-5804 |
---|---|
record_format | eprints |
spelling | oai:animorepository.dlsu.edu.ph:etd_bachelors-5804 2021-04-16T08:35:22Z Adaptable software-based log consolidation and incident management for a security information event management system (AdLCIM) Pineda, Justine David G. Yatco, Roberto F. The Security Information and Event Management (SIEM) system enhances the security management of an organization by storing and analyzing logs coming from different network devices and giving possible recommendations, which can be warnings, notices or alarms. Companies are beginning to invest in SIEM to protect their data and to help network or system administrators monitor the state of their workplace. Many SIEM products focus on security tools and lack log consolidation and incident management solutions. The Adaptable Software-based Log Consolidation and Incident Management (AdLCIM) system is a type of SIEM that works on a typical Local Area Network (LAN) where various network devices report their status to the system. The system is capable of collecting different logs coming from different, identified network devices. It is also capable of standardizing logs into its own format and of consolidating and correlating patterns through its inventories. All resolvable attack logs are event sniped, while non-resolvable logs are flagged as alerts. The system is capable of handling different scenarios with different devices, and test results confirmed successful log analysis. The system, moreover, is capable of running for long durations to verify that it can analyze all the logs coming from different, identified network devices. Overall, the system produced correct and accurate results in verifying log analysis from different network devices under different scenarios. 2010-01-01T08:00:00Z text https://animorepository.dlsu.edu.ph/etd_bachelors/5310 Bachelor's Theses Animo Repository Electronic security systems |
institution | De La Salle University |
building | De La Salle University Library |
continent | Asia |
country | Philippines |
content_provider | De La Salle University Library |
collection | DLSU Institutional Repository |
topic | Electronic security systems |
spellingShingle | Electronic security systems Pineda, Justine David G. Yatco, Roberto F. Adaptable software-based log consolidation and incident management for a security information event management system (AdLCIM) |
description | The Security Information and Event Management (SIEM) system enhances the security management of an organization by storing and analyzing logs coming from different network devices and giving possible recommendations, which can be warnings, notices or alarms. Companies are beginning to invest in SIEM to protect their data and to help network or system administrators monitor the state of their workplace. Many SIEM products focus on security tools and lack log consolidation and incident management solutions. The Adaptable Software-based Log Consolidation and Incident Management (AdLCIM) system is a type of SIEM that works on a typical Local Area Network (LAN) where various network devices report their status to the system. The system is capable of collecting different logs coming from different, identified network devices. It is also capable of standardizing logs into its own format and of consolidating and correlating patterns through its inventories. All resolvable attack logs are event sniped, while non-resolvable logs are flagged as alerts. The system is capable of handling different scenarios with different devices, and test results confirmed successful log analysis. The system, moreover, is capable of running for long durations to verify that it can analyze all the logs coming from different, identified network devices. Overall, the system produced correct and accurate results in verifying log analysis from different network devices under different scenarios. |
format | text |
author | Pineda, Justine David G.; Yatco, Roberto F. |
author_facet | Pineda, Justine David G.; Yatco, Roberto F. |
author_sort | Pineda, Justine David G. |
title | Adaptable software-based log consolidation and incident management for a security information event management system (AdLCIM) |
title_short | Adaptable software-based log consolidation and incident management for a security information event management system (AdLCIM) |
title_full | Adaptable software-based log consolidation and incident management for a security information event management system (AdLCIM) |
title_fullStr | Adaptable software-based log consolidation and incident management for a security information event management system (AdLCIM) |
title_full_unstemmed | Adaptable software-based log consolidation and incident management for a security information event management system (AdLCIM) |
title_sort | adaptable software-based log consolidation and incident management for a security information event management system (adlcim) |
publisher | Animo Repository |
publishDate | 2010 |
url | https://animorepository.dlsu.edu.ph/etd_bachelors/5310 |
_version_ | 1712576330937139200 |