Adaptable software-based log consolidation and incident management for a security information event management system (AdLCIM)

The Security Information and Event Management (SIEM) enhances the security management of an organization by storing and analyzing logs coming from different network devices and giving possible recommendations that can be warnings, notices or alarms. Companies are beginning to invest in SIEM to protect their data and to help network or system administrators monitor the state of their workplace. Many SIEM products focus on security tools and lack log consolidation and incident management solutions. The Adaptable Software-based Log Consolidation and Incident Management (AdLCIM) is a type of SIEM that works on a typical Local Area Network (LAN) where various network devices report status to the system. The system is capable of collecting different logs coming from different, identified network devices. It is also capable of standardizing logs into its own format and of consolidating and correlating patterns through its inventories. All resolvable attack logs are event sniped, while non-resolvable logs are flagged as alerts. The system is capable of handling different scenarios with different devices, and test results confirmed successful log analysis. The system, moreover, is capable of running for long durations of time, which was used to check whether it can analyze all the logs coming from different, identified network devices. Overall, the performance of the system yielded correct and accurate results in verifying log analysis from different network devices under different scenarios.

Bibliographic Details
Main Authors: Pineda, Justine David G., Yatco, Roberto F.
Format: text
Published: Animo Repository 2010
Subjects: Electronic security systems
Online Access: https://animorepository.dlsu.edu.ph/etd_bachelors/5310
Institution: De La Salle University
Collection: DLSU Institutional Repository (Bachelor's Theses), De La Salle University Library
Record ID: oai:animorepository.dlsu.edu.ph:etd_bachelors-5804