Research on system logs collection and analysis model of the network and information security system by using multi-agent technology

In order to realize the full rang of information security, a variety of network equipment, safe equipment have been applied to deal with all aspects of information security and protection by many enterprise. These devices, systems produce a lot of security event log in the network security protection, and these event log data format are different, and different safety equipment may generate the same alerts logs, not only resulting in generating redundant events, but not conducive to the next work of network security situational awareness. Therefore, this paper proposed a method by using the multi-agent technology to collect and analysis the log data generated by network devices and security devices, and then generating a fixed-format data structure and building the log collection and analysis systems to facilitate the later maintenance and use of data.