| 摘要 |
There is provided an IDS log analysis support apparatus, an IDS log analysis support method, and an IDS log analysis support program that enable logs that are different from normal logs to be extracted from logs output in great quantity from a variety of IDS, and enable the degree of abnormality thereof to be objectively evaluated. The apparatus has a log collection section that collects logs of IDS that are connected to a telecommunication network, a database that stores and manages logs collected by the log collection section, and a log analysis section that obtains statistics of logs managed by the database and performs analysis processing thereon.
|
