ABSTRACT
The log is a network device to various events that occur during the running process of the recording. The log is network troubleshooting, network security audit and network performance optimization analysis of the important reference basis, especially in the log alarm information to discover and eliminate network faults, plays a very important role in network security. In large networks, there exist a variety of equipment, including a variety of switches, routers and a variety of application servers, these devices will produce a large amount of log every day. These devices will be generated log collection and centralized storage has the following role in the unified central log server:
1.1 The unified log query interface, shielding equipment difference, improving the efficiency of the log management
There are a large variety of devices and servers in the network of these devices, landing need to consume a large amount of time and energy. Landing equipment, improper operation error will cause the new security threat to the equipment. At the same time, dierent brands, dierent types of equipment log view mode and command also each are not identical,
in log analysis, network management personnel need for dierent equipment or access to the corresponding command to remember to log view. The establishment of centralized log server, only from a single log server visualization interface will be able to see all the equipment log view mode, unified, intuitive, simple, greatly improving the eciency of network management, but also reduces the requirements for network maintenance and management personnel of technology, to avoid landing equipment to equipment may produce false operational risk.
