Syslog Daemon for Security Event Monitoring using UDP Protocol

摘要

Most of all the devices including Information Technology (IT) enterprise devices consists of data or documents. All those devices require security or protection from any kind of threats. Threats can be from external or internal. The internal threats that are generated from the current system or device on which routine works are carried out are discussed. Internal threats like disk capacity, storage capacity warning, resource exhaustion, message tampering, unsuccessful login, max tries etc. These threats are unpredictable and at any time they may occur so device should be under monitoring. Hence the server is developed employing User Datagram Protocol (UDP), works like a Daemon which monitors and stores the security alerts indicating different events that arise from the system itself into the database. Here security event logger test application is used to generate the alerts and for three different events alerts are generated and tested. Analyzing the alerts that are stored in the form of syslog message format, measures are taken to safeguard the device and data, depending on the severity of the alerts.