• Journal of the China Computer Federation
  • Chinese Science and Technology Core Journal
  • Chinese Core Journal

J4 ›› 2012, Vol. 34 ›› Issue (9): 8-12.

• Papers •

Design and Implementation of Esper & Nagios Based Network Monitoring System

CAI Zhaoquan, SUO Jian, WANG Huabin, LU Qingwu, LUO Wei

  1. (Huizhou University, Huizhou 516007, Guangdong, China)
  • Received: 2011-08-31 Revised: 2011-12-09 Online: 2012-09-25 Published: 2012-09-25
  • Supported by:

    Guangdong Provincial Science and Technology Plan Project (2010B080701093); Huizhou Science and Technology Plan Projects (2010B020008013, 2010C020007001)

Abstract:

To address increasingly large and complex enterprise internal network applications, we propose a system and network monitoring platform that combines Esper and Nagios. The platform applies event stream technology to network security event processing, using strategy analysis and a rule engine to handle network security events actively, and it efficiently supports dynamic decision analysis over large-scale network events. It provides proactive warning before an event and real-time passive notification, avoids the rigidity of static monitoring and surveillance systems, allows rules to be set and updated dynamically, and fits the business needs of enterprises perfectly.

Key words: network monitoring; Esper; Nagios; event processing; strategy analysis