-
Publication No.: US08862537B1
Publication date: 2014-10-14
Application No.: US13174003
Filing date: 2011-06-30
IPC classification: G06F17/30
CPC classification: G06F17/30563, G06F21/602, G06F21/606
Abstract: Obfuscating data is disclosed. A processor identifies structured information in log data. The structured information is transformed in a manner that preserves the structure to form transformed raw data. The transformed raw data is sent to a remote analysis engine. The remote analysis engine receives a query and responds to the query by providing as results at least a portion of the transformed raw data. A processor is configured to de-transform the transformed raw data.
-
Publication No.: US09262519B1
Publication date: 2016-02-16
Application No.: US13489267
Filing date: 2012-06-05
IPC classification: G06F17/30
CPC classification: G06F17/30598, G06F17/30542, G06F17/3071
Abstract: Analyzing log data, such as security log data and event data, is disclosed. Log data is received. Portions of the log data are clustered into clusters of similar data portions. A signature for each cluster is generated. Comparison of subsequent log data with the signature indicates whether the subsequent log data belongs in the cluster.
-
Publication No.: US08983912B1
Publication date: 2015-03-17
Application No.: US13173882
Filing date: 2011-06-30
IPC classification: G06F17/30
CPC classification: G06F17/30861, G06F17/30017, H04L43/04, H04L67/10
Abstract: Data collection and transmission is disclosed. A server is configured to receive, from a remote device, a message including raw information, and to parse at least a portion of the received raw information. The raw information is received by the system from an information reporting module interface of the remote device. The information reporting module of the remote device is configured to receive information from at least one separately installed information reporting module. A client device includes an information reporting module interface and a server interface. The client device is configured to receive configuration information from a remote server.
-
Publication No.: US09135560B1
Publication date: 2015-09-15
Application No.: US13174128
Filing date: 2011-06-30
CPC classification: G06N5/022, H04L29/0653, H04L41/0853, H04L41/22
Abstract: The automatic selection and usage of a parser is disclosed. Raw data is received from a first remote device. At least a portion of the raw data is evaluated using a plurality of rules. A confidence measure is determined for at least some of the rules. An indication that the raw data pertains to a source is provided as output when the confidence measure exceeds a threshold.
-
Publication No.: US08930380B1
Publication date: 2015-01-06
Application No.: US13174208
Filing date: 2011-06-30
IPC classification: G06F17/30
CPC classification: G06F17/30598, G06F11/3476, G06F17/2282, G06F17/271, G06F17/40
Abstract: Automatically generating a parser is disclosed. Raw data is received from a first remote device. A determination that the raw data does not, within a predefined confidence measure, conform to any rules included in a set of rules is made. A clustering function is performed on the raw data. At least one parser rule is generated based on the clustering.