Visible to the public Biblio

Filters: Keyword is event sources  [Clear All Filters]
2021-03-04
Moskvichev, A. D., Dolgachev, M. V..  2020.  System of Collection and Analysis Event Log from Sources under Control of Windows Operating System. 2020 International Multi-Conference on Industrial Engineering and Modern Technologies (FarEastCon). :1—5.

The purpose of this work is to implement a universal system for collecting and analyzing event logs from sources that use the Windows operating system. The authors use event-forwarding technology to collect data from logs. Security information and event management detects incidents from received events. The authors analyze existing methods for transmitting event log entries from sources running the Windows operating system. This article describes in detail how to connect event sources running on the Windows operating system to the event collector without connecting to a domain controller. Event sources are authenticated using certificates created by the event collector. The authors suggest a scheme for connecting the event collector to security information and event management. Security information and event management must meet the requirements for use in conjunction with event forwarding technology. The authors of the article demonstrate the scheme of the test stand and the result of testing the event forwarding technology.