I.SystemLogAnalyser - tool for importing and analysing Windows event logs

A. Description
Too often the IT world has had to face security problems that were resolved reactively: the negative consequences are observed first, and only then are patches, service packs, antivirus software, etc. created.
But too few techniques, policies and solutions have been adopted to anticipate or foresee the appearance of problems in a computer network.
One of the main responsibilities of a database, network or system administrator is to read the machines' event logs periodically and react with the proper actions. This task is demanding in both time and volume, because the number of machines, applications and networks, and the risk of cyber-terrorism, are growing.
This product, in fact a solution, is a tool to anticipate, foresee and investigate system or network problems of different categories (system and network attacks, malfunctions, bad planning, etc.).
This solution is an automated system that gathers Windows system event logs and presents them in a summarized form (who has not heard of or seen a Microsoft Excel pivot table?). Moreover, we can search for patterns in event log behavior (who has not heard of data mining techniques?). A system administrator can therefore:

  1. Analyse a large quantity of event logs quickly, without reading tons of material;
  2. Find functioning problems of machines in the network – for example, a high number of errors draws attention to a system that may be badly configured.

This product respects the Sarbanes-Oxley Act (policies). The solution was presented in an article on the Internet for the largest Microsoft SQL Server community on the web, with 277,148 registered members (www.sqlservercentral.com) (the author of the article is a member of our product development team).

B. What happens

  1. Automated(!) gathering of Windows event logs in a network;
  2. Automated(!) refreshing of the cube (pivot table) with the new event logs;
  3. Automated(!) emptying of the event log database when a threshold is reached, because database space on a system is not unlimited.

C. Hardware and software requirements

As the database server we use Microsoft SQL Server 2000 SP4 with Analysis Services, and as the client Microsoft Excel (minimum hardware and software requirements can be found on the Microsoft site).

D. Who can use it
System administrator teams; if there is no SQL Server DBA, we can supply the proper consultancy.

E. About future
Identify all standard patterns that can draw attention to bad behavior in a system or network.
As you know, SQL Server 2000 data mining techniques use only 2 algorithms (Microsoft Decision Trees and Microsoft Clustering). In SQL Server 2005 there are 7 algorithms for pattern discovery, so we intend to try applying the new SQL Server 2005 data mining techniques.
We will extend this solution to non-Windows equipment or machines (Linux first).

For other information, please e-mail office@diadmin.ro.

