The probes monitor all database transactions, including those of privileged users, at the operating system kernel level without relying on database audit logs.
The audit information can be stored locally on each system in a file designated by the system administrator, or can be sent to a remote system for centralized logging.
The system must deal with three classes of external entities: the weighing machines on the production lines, the worker's console, and the audit log.
A typical audit log file on my system is shown in Listing 1; it shows the trail record as well.
The audit subsystem can be used to find out which ports have been used (for the duration of the audit log files) even if they are not currently in use.
Thus, if the filesystem that contains the audit log files fills up, it still continues to write events to the beginning of the log file.
If the server is rebooted, or the audit service is stopped, the stream.out audit log will be overwritten when the system is restarted.
For the audit system to understand how to print each object as a record to the audit log, it needs a corresponding entry in the /etc/security/events file.
However, a traditional database audit system is often just a simple logging system, without the ability to analyze the logs.
A network system holds a large amount of log audit data, which contains much security-related information.
A grid differs from a traditional distributed system: its network is larger in scale and its structure is more complex, so it places higher demands on the log system and on security auditing.
Network auditing systems are widely used in campus networks to implement identity authentication, access control, log recording, and traffic billing within the campus network.
An intrusion detection system can extract security pattern rules from the log audit data.
As network size grows, the processing capacity of the single log server in a log audit system is limited, and that server has already become the system's bottleneck.
This security audit system mainly consists of three parts: data collection, data analysis and logging.
The security audit system can record users' operations as logs and block illegal operations in a timely manner. The log information can provide evidence for after-the-fact computer forensics.
A prototype network log monitoring and security audit system (LSSAS) based on a hybrid B/S and C/S model is designed and implemented, and the log data collected by the prototype system in a real application environment are audited and analyzed.
Audit logs are an important source of information for many intrusion detection systems; most host-based intrusion detection systems extract useful information from a computer's audit log. The audit system therefore becomes a main target for hackers or attackers.