Logfile

Abstract: A system and method for security management comprising log archival and reporting is provided using a novel architecture with particular application which is scalable for larger scale global data networks. The system comprises a Log Collection unit, interfacing with a Data Analysis and Log Archival unit, and a Data and System Access Unit interfacing with the Data Analysis and Log Archival Unit. The Log Collection Unit comprises a Log Collector Manager for managing log collection from a plurality log collectors interfacing with one or more security devices. The log collection unit transfers logfiles to a Storage Manager and a Data Analysis manager, connected to a Data Analysis Store, of the Data Analysis and Log Archival unit, which also comprises a Archival unit associated with the Storage unit. The system provides for separation of logfile analysis and archival of logfiles, which improves scalability of the system. The Data and System Access unit provides a user interface for the system, preferably web based.

Abstract: A method of creating a self-documenting logfile which records the status and operation of a substantially computer-controlled device. The method comprises the steps of accepting input commands from a user for controlling the device status and operation; monitoring the device characteristics; detecting deviations in the device status, user inputs, and procedural steps in the device's operation; writing these detected events to the logfile with the date and time of which the detected event occurred; and retrieving the logfile upon user demands for review of the logfile. In order to comply with good laboratory practices (GLP), the method additionally comprises steps for verifying the user input commands by determining the acceptability of the input commands, detecting inadvertent alteration to the logfile and testing the validity of the logfile for invalid data. Steps for providing an enciphering key within the event lines which comprise the logfile in order to detect tampering are also disclosed.

Abstract: A system and method are disclosed for providing security for a computer network. Content sets are generated for a computer associated with the network. It is determined whether a user should be routed to the generated content sets. If it is determined that the user should be routed to the generated content sets, a generated content set is selected and the user is so routed. Various actions and events may be recorded in a logfile, and the logfile is analyzed using regular expressions.