基于EventLog Analyzer的日志服务器配置

Log Server Configuration Based on EventLog Analyzer

计算机网络是学校基础设施中的核心。服务器与网络设备会产生大量的日志记录,这些日志记录在进行账号行为的审计、留存系统运行信息分析和发现黑客入侵行为方面具有重要作用,但这些日志记录并不能长期存在这些设备中。如何保存并管理这些日志记录以便发挥作用成为网络管理工作的重点。该文介绍通过EventLog Analyzer创建日志服务器的配置过程以及对服务器和网络设备的管理。

Computer network is the core of school infrastructure. A large number of log records are produced by servers and network devices. These log records play an important role in the audit of account behavior, the analysis of the running information of the retention system, and the discovery of hacker intrusion, but these log records do not exist in these devices for a long time.How to save and manage these log records in order to play a role becomes the focus of network management. This article introduces the configuration process of creating log server through EventLog Analyzer, as well as the management of servers and network devices.