Randall A Sindlinger on 24 Mar 2011 06:42:01 -0700
Re: [PLUG] Is there terminology for... [Was: Is there a better name for...]
On Thu, Mar 24, 2011 at 02:51:45AM -0400, JP Vossen wrote:
> On 03/23/2011 04:23 PM, JP Vossen wrote:
> >...a "log check"?
> [...]
> > But it seems like it should
> >be a basic sort of "Computer Science" thing, related to filtering or
> >something. So, can anyone think of a better name and/or older example
> >for this process or concept?
>
> Thanks for the feedback so far, but I guess I wasn't clear. I don't
> want to rename the project or do anything like that. It just seems
> to me that this should be a basic "Computer Science" concept that
> should have a name, but I don't know what it is.
>
> For example, when you figure out how to store data in your program,
> you are using "data structures." So a logcheck is a subset of
> "filtering" which is arguably a subset of "searching."
>
> More clear?

OK. Well, in terms of terminology, it occurred to me that a log check is
really a subset of what an IDS does. So I pulled up IDS in wikipedia

http://en.wikipedia.org/wiki/Intrusion_detection_system

It has a nice section of "terminology" - it's worth reading the page, just
to get the buzz words actively bouncing inside.

So, based on a couple sections [1,2], let me suggest "signature-based log
filtering" as a term you could use.

-Randall

[1] http://en.wikipedia.org/wiki/Intrusion_detection_system#Terminology "Alarm filtering"
[2] http://en.wikipedia.org/wiki/Intrusion_detection_system#Signature-based_IDS

--
Randall Sindlinger
Systems Programmer, CETS
School of Engineering and Applied Science
University of Pennsylvania
___________________________________________________________________________
Philadelphia Linux Users Group -- http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug