Randall A Sindlinger on 24 Mar 2011 06:42:01 -0700

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PLUG] Is there terminology for... [Was: Is there a better name for...]

On Thu, Mar 24, 2011 at 02:51:45AM -0400, JP Vossen wrote:
> On 03/23/2011 04:23 PM, JP Vossen wrote:
> >...a "log check"?
> [...]
> > But it seems like it should
> >be a basic sort of "Computer Science" thing, related to filtering or
> >something. So, can anyone think of a better name and/or older example
> >for this process or concept?
> Thanks for the feedback so far, but I guess I wasn't clear.  I don't
> want to rename the project or do anything like that.  It just seems
> to me that this should be a basic "Computer Science" concept that
> should have a name, but I don't know what it is.
> For example, when you figure out how to store data in your program,
> you are using "data structures."  So a logcheck is a subset of
> "filtering" which is arguably a subset of "searching."
> More clear?

OK.  Well, in terms of terminology, it occured to me that a log check
is really a subset of what an IDS does.  So I pulled up IDS in wikipedia


It has a nice section of "terminology" - it's worth reading the page,
just to get the buzz words actively bouncing inside.

So, based on a couple sections [1,2], let me suggest
"signature-based log filtering" as a term you could use.


[1] http://en.wikipedia.org/wiki/Intrusion_detection_system#Terminology "Alarm filtering"
[2] http://en.wikipedia.org/wiki/Intrusion_detection_system#Signature-based_IDS

  Randall Sindlinger
  Systems Programmer, CETS
  School of Engineering and Applied Science
  University of Pennsylvania
Philadelphia Linux Users Group         --        http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug