Software Technology
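Design and Implementation of a Windows-Based Syslog Log System
Wang Chunyan 1, Zhu Lei 2, Yang Xiaopeng 2
(1. Henan Electronic Product Quality Supervision and Inspection Institute, Zhengzhou 450003, Henan;
2. Henan Electric Power Communication Automation Company, Zhengzhou 450052, Henan)
Abstract: Traditional single-device and manual management approaches cannot cope with increasingly complex network threats and challenges: they cannot detect and accurately locate network security events in time, nor can they accurately assess the consequences those events may cause. To address this problem, this paper discusses how to build a log system on the standard Syslog protocol that centrally collects large volumes of network log data from network devices and analyzes the data after processing by a SQL agent, so that the operating state of the network can be monitored.
Keywords: Syslog; log system; SQL agent; network security
CLC number: Document code: A Article ID: 1674-7720(2012)04-0011-03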
Windows-based system design and implementation of Syslog
Wang Chunyan1, Zhu Lei2, Yang Xiaopeng2
(1. Henan Electronic Product Quality Supervision and Inspection, Zhengzhou 450003, China;
2. Henan Electric Communication & Automation Company, Zhengzhou 450052, China)
Abstract: Traditional reliance on a single device or on manual management has failed to respond to increasingly
complex network threats and challenges: it cannot find and accurately locate network security incidents in time, nor
accurately assess their consequences. This article focuses on how, based on the standard Syslog protocol, a large volume of
log data from network devices is collected centrally over the network and processed by the SQL Agent for analysis, constructing a log
system that monitors the operational status of the network.
Key words: Syslog; log system; SQL agent; network security
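Logs have always been valuable raw material for network administrators looking for the "root cause" when checking faults and troubleshooting network errors. Through network devices

2 Log collection and storage

Most Syslog log systems today run on Linux servers,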