ABSTRACT

The Central Control Cluster works as the management controller of the whole system. It handles tasks such as acquiring user requests and performing retrieval, monitoring all parts in real time and handling exceptions, triggering, canceling and updating tasks for certain clusters, and optimizing the allocation of network connection resources. The Massive Log Collection Cluster uses its processes as execution units; it simultaneously opens several concurrent data collection modules on several machines to improve the data collection efficiency of the whole system. The Massive Log Retrieval Cluster is the interactive interface between the whole system and its users. It submits

1 INTRODUCTION

With the wide spread of electronic commerce, social networking sites, video websites, and network applications, the data recording this activity is also growing larger and larger, even reaching TB or PB scale, so we call it “massive log”, which is a kind of “Big Data”. Collecting, storing, and searching this data effectively is a hard problem. In view of the great mass of evidence that logs provide in computer crime forensics [2], the design of an efficient real-time massive log storage and query system is very necessary.