
A Research About Collection Method Of Firewall Log Data Based On Syslog Technology

Posted on: 2007-03-13
Degree: Master
Type: Thesis
Country: China
Candidate: H F Liu
Full Text: PDF
GTID: 2178360212957026
Subject: Computer application technology

Abstract/Summary:
With the rapid development of today's networks, the Unified Security Management System must be separated from the Network Management System (NMS). Log collection has long been an important part of security management, but it still has many limitations. Based on an investigation of how to collect log data from a firewall, this thesis proposes a collection model built on the syslog format.

Firstly, the NMS and the Unified Security Management System are introduced. The role and current state of log management within the Security Management System are analyzed, after which it is pointed out that research on log collection is very important.

Secondly, the syslog format should be chosen as the method for collecting the firewall's log information, because the syslog protocol is universal and flexible in its application. After a syslog case is analyzed, an approach is put forward in which log collection for devices is built on a syslog server. The server has three centers. The first center collects the original logs through a syslog server, the second monitors and saves the logs as log text files, and the last extracts the useful information using a MySQL database.

Finally, the thesis discusses how to collect logs from a Radware firewall, with the whole task handled through the three centers above. The results are then displayed on the web.

This thesis also describes how to configure the Perl runtime environment and how to set up and configure swatch, the software used to monitor log files. Lastly, some newly developed functional source code is presented.
Keywords/Search Tags:the Unified Security Management System, Log Analysis, Syslog Technology, Client/Server, Firewall, Data Collection