Information Systems Record Events On Log Files

Most information systems record events in log files [Abad03]. The type and structure of log files vary widely by system and platform. For example, web logs are produced by web servers running Apache or Internet Information Server (IIS). Operating systems, firewalls, and Intrusion Detection Systems (IDS) record event information in log files. Applications also record user activities in log files [Abad03].

Any activities performed during a security breach will most likely result in log entries being recorded in one or more log files. Such attacks cannot be identified by a single log entry occurrence, but instead can be identified through a series of entries spanning several minutes [Abad03]. The amount of data logged per system can be in excess of several thousand events per minute. Additionally, these files are distributed across the network. In order to process and analyze the log data, it must be integrated. Integrating highly heterogeneous data from multiple sources requires a massive centralized data repository [Kott13].

This data repository meets the complexity requirements as defined by Big Data. Big Data is defined by three characteristics: volume, velocity, and variety. Volume is the size of the data stored, and is measured in terabytes, petabytes, or exabytes. Velocity is the rate at which data is generated. Variety refers to the types of data, such as structured, semi-structured, or non-structured [Mahmood13]. Structured data is data that typically resides in a
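
The integration and multi-entry correlation described above can be sketched as follows. This is an added example, not code from the essay or its cited sources: it normalizes two heterogeneous formats (a web server access log and an sshd auth log) into one timeline, then flags a source address only when a series of failures spans both logs within a few minutes. The log lines, thresholds, function names, and the assumption that both logs use UTC are constructed for illustration.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample lines (not from any real system); two heterogeneous formats.
WEB_LOG = [
    '203.0.113.7 - - [12/Mar/2024:10:01:05 +0000] "POST /login HTTP/1.1" 401 512',
    '203.0.113.7 - - [12/Mar/2024:10:02:40 +0000] "POST /login HTTP/1.1" 401 512',
    '198.51.100.4 - - [12/Mar/2024:10:03:00 +0000] "GET /index.html HTTP/1.1" 200 1043',
    '198.51.100.4 - - [12/Mar/2024:10:30:00 +0000] "POST /login HTTP/1.1" 401 512',
]
AUTH_LOG = [
    'Mar 12 10:03:10 host1 sshd[811]: Failed password for root from 203.0.113.7 port 4242 ssh2',
    'Mar 12 10:04:55 host1 sshd[811]: Failed password for admin from 203.0.113.7 port 4243 ssh2',
    'Mar 12 10:50:00 host1 sshd[90]: Failed password for bob from 198.51.100.4 port 5000 ssh2',
]
WEB_RE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "[^"]*" (\d{3}) ')
AUTH_RE = re.compile(r'^(\w{3} +\d+ [\d:]+) \S+ sshd\[\d+\]: Failed password for .* from (\S+) port')

def normalize(web_lines, auth_lines, year=2024):
    """Integrate both formats into one time-ordered list of (time, source, ip) failures."""
    events = []
    for line in web_lines:
        m = WEB_RE.match(line)
        if m and m.group(3) in ("401", "403"):  # keep only denied requests
            ts = datetime.strptime(m.group(2), "%d/%b/%Y:%H:%M:%S %z").replace(tzinfo=None)
            events.append((ts, "web", m.group(1)))
    for line in auth_lines:
        m = AUTH_RE.match(line)
        if m:  # syslog timestamps carry no year; the year is an assumption
            ts = datetime.strptime(f"{year} {m.group(1)}", "%Y %b %d %H:%M:%S")
            events.append((ts, "auth", m.group(2)))
    return sorted(events)

def correlate(events, window=timedelta(minutes=5), min_events=3, min_sources=2):
    """Flag IPs with >= min_events failures across >= min_sources logs inside one window."""
    by_ip, flagged = defaultdict(list), set()
    for ts, source, ip in events:
        recent = [e for e in by_ip[ip] if ts - e[0] <= window] + [(ts, source)]
        by_ip[ip] = recent
        if len(recent) >= min_events and len({s for _, s in recent}) >= min_sources:
            flagged.add(ip)
    return sorted(flagged)

if __name__ == "__main__":
    print(correlate(normalize(WEB_LOG, AUTH_LOG)))
```

No single line above is conclusive on its own; the second address also produces failures in both logs, but they are 20 minutes apart and fall outside the window.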