-
Publication number: US20170180404A1
Publication date: 2017-06-22
Application number: US14979015
Application date: 2015-12-22
Applicant: SAP SE
Inventor: Viktor Bersch
CPC classification number: H04L63/1425, G06F17/30185, G06F17/30327, G06F17/30598, H04L63/1433, H04L2463/121
Abstract: A first set of log entries is identified. A plurality of log entry classes occurring in the first set of log entries is determined. Each log entry in a given log entry class has a same number, type, and ordering of components. A vector of component type identifiers is determined for each log entry class. Each identifier in a vector for a given log entry class identifies a position and type of a component included in a log entry belonging to the given log entry class. A classification tree is created using the vectors. An unclassified log entry not included in the first set of log entries is identified. A log entry class is assigned to the unclassified log entry using the classification tree to create a classified log entry. One or more security threat patterns are evaluated using the classified log entry.
-
Publication number: US10038710B2
Publication date: 2018-07-31
Application number: US14979015
Application date: 2015-12-22
Applicant: SAP SE
Inventor: Viktor Bersch
CPC classification number: H04L63/1425, G06F16/1805, G06F16/2246, G06F16/285, H04L63/1433, H04L2463/121
Abstract: A first set of log entries is identified. A plurality of log entry classes occurring in the first set of log entries is determined. Each log entry in a given log entry class has a same number, type, and ordering of components. A vector of component type identifiers is determined for each log entry class. Each identifier in a vector for a given log entry class identifies a position and type of a component included in a log entry belonging to the given log entry class. A classification tree is created using the vectors. An unclassified log entry not included in the first set of log entries is identified. A log entry class is assigned to the unclassified log entry using the classification tree to create a classified log entry. One or more security threat patterns are evaluated using the classified log entry.
-
Publication number: US20170178026A1
Publication date: 2017-06-22
Application number: US14978995
Application date: 2015-12-22
Applicant: SAP SE
Inventor: Susan Marie Thomas, Rita Merkel, Lukas Carullo, Viktor Bersch, Harish Mehta, Hartwig Seifert, Thomas Kunz, Florian Chrosziel, Omar Alexander Al-Hujaj, Marco Rodeck
CPC classification number: G06N20/00, G06F16/2465, G06F21/552, G06N5/025, G06N5/046
Abstract: A sample log file including a plurality of log entries for log learning is accessed, using a log interpretation controller, prior to runtime as part of a log learning process. Each of the plurality of log entries is analyzed. A log entry type is assigned to each of the plurality of log entries. A log type and semantic event are assigned to each log entry type. Generation of runtime rules is triggered for analyzing unknown log entries. The runtime rules include characteristics of particular log entry types that allow unique identification of the particular log entry type for a particular unknown log entry. The generated runtime rules are loaded into a runtime parser.