Abstract:

To address the issue of the increasing massive and complicated internal network application of the enterprises, we propose a system network monitoring platform with the combination of Esper and Nagios. This platform will apply the event flow technology to the network security event control by using the strategy analysis and rule engine to actively handle the network security events. As a result, it supports the large scale dynamic network event decisionmaking analysis with high efficiency. It can realize the active warning and real time passive notification before and after the event. Thus, it avoids the solidified effects caused by the static monitoring and supervision system, and updates the dynamic setting of the rule with the capacity of meeting the business needs of the enterprises perfectly.

Key words: network monitoring;Esper;Nagios;event control;strategy analysis