J4 ›› 2012, Vol. 34 ›› Issue (9): 8-12.
• 论文 • 上一篇 下一篇
蔡昭权,索剑,汪华斌,卢庆武,罗伟
收稿日期:
修回日期:
出版日期:
发布日期:
基金资助:
广东省科技计划资助项目(2010B080701093);惠州市科技计划资助项目(2010B020008013,2010C020007001)
CAI Zhaoquan,SUO Jian,WANG Huabin,LU Qingwu,LUO wei
Received:
Revised:
Online:
Published:
摘要:
本文针对日益庞大复杂的企业内部网络应用,提出一种结合Esper和Nagios的系统网络监控平台。该平台将事件流技术应用到网络安全事件处理中,利用策略分析和规则引擎主动处理网络安全事件,高效支持大规模网络事件动态决策分析。实现了事前主动警告和实时被动通告,避免了静态监控和监视系统造成的固化效果,实现了规则的动态设定和更新,能够完美配合企业的业务需要。
关键词: 网络监控, Esper, Nagios, 事件处理, 策略分析
Abstract:
To address the issue of the increasing massive and complicated internal network application of the enterprises, we propose a system network monitoring platform with the combination of Esper and Nagios. This platform will apply the event flow technology to the network security event control by using the strategy analysis and rule engine to actively handle the network security events. As a result, it supports the large scale dynamic network event decisionmaking analysis with high efficiency. It can realize the active warning and real time passive notification before and after the event. Thus, it avoids the solidified effects caused by the static monitoring and supervision system, and updates the dynamic setting of the rule with the capacity of meeting the business needs of the enterprises perfectly.
Key words: network monitoring;Esper;Nagios;event control;strategy analysis
蔡昭权,索剑,汪华斌,卢庆武,罗伟. 基于Esper和Nagios的网络监控系统设计与实现[J]. J4, 2012, 34(9): 8-12.
CAI Zhaoquan,SUO Jian,WANG Huabin,LU Qingwu,LUO wei. Design and Implementation of Esper &Nagios Based Network Monitoring System[J]. J4, 2012, 34(9): 8-12.
0 / / 推荐
导出引用管理器 EndNote|Ris|BibTeX
链接本文: http://joces.nudt.edu.cn/CN/
http://joces.nudt.edu.cn/CN/Y2012/V34/I9/8
