Post 302124606 by Linux Bot on Monday 2nd of July 2007 01:48:13 AM
Security Event Management (SEM) with CEP (Part 6) - Realizing SEM with CEP

In Part 6 of this series, Security Event Management (SEM) with CEP, we look at how CEP can be used to help security experts meet the 5 principles of SEM. In my earlier tutorial series, What is Complex Event Processing?, we reviewed a functional reference architecture for CEP, illustrated below.
[Figure: functional reference architecture for CEP]
From the discussion and the illustration above, we can summarize how CEP can easily be used as the framework for implementing SEM:
  1. ESB/Messaging Infrastructure - Many state-of-the-art CEP solutions use a secure, standards-based communications infrastructure for distributed event management. This is the most effective way to normalize and manage heterogeneous events from many distributed SEM event sources;
  2. Strong Analytics - Many CEP implementations have extensible event-driven analytics to detect and refine threat-related situations using state-of-the-art techniques like rules engines, Bayesian networks, neural networks and more;
  3. EDA - State-of-the-art CEP architectures use standards-compliant messaging, alerts and automated responses to kick off workflow, compliance and other remediation and BPM activities;
  4. Custom Reporting - Most CEP software applications offer customizable dashboards. Reports are easily customized with a variety of state-of-the-art graphical studios, including AJAX-based user interfaces; and,
  5. Scalable, Distributed Architecture - As illustrated in the CEP reference architecture, event-driven, cooperative agents can be configured to process millions of events in a heterogeneous, distributed architecture.
The recent FSA announcement by Mark Palmer and team at Apama that the FSA will be using Apama’s CEP platform for Sabre 2, their next-generation, real-time market surveillance and market abuse detection system, shows that the CEP vendors are heading in the right direction!
So, in closing, if you need to build a robust, state-of-the-art fraud, misuse, or intrusion detection system based on the 5 principles of SEM, CEP can help! Congratulations Apama!
Copyright © 2007 by Tim Bass, All Rights Reserved.


dat_evd_free(3DAT)				     Direct Access Transport Library Functions					dat_evd_free(3DAT)

NAME
       dat_evd_free - destroy an instance of the Event Dispatcher

SYNOPSIS
       cc [ flag... ] file... -ldat [ library... ]
       #include <dat/udat.h>

       DAT_RETURN
           dat_evd_free (
           IN    DAT_EVD_HANDLE    evd_handle
           )

PARAMETERS
       evd_handle    Handle for an instance of the Event Dispatcher.

DESCRIPTION
       The dat_evd_free() function destroys a specified instance of the Event Dispatcher.

       All events on the queue of the specified Event Dispatcher are lost. The destruction of the Event Dispatcher instance does not have any effect on any DAT Objects that originated an Event Stream that had fed events to the Event Dispatcher instance. There should be no event streams feeding the Event Dispatcher and no threads blocked on the Event Dispatcher when the EVD is being closed as at the time when it was created.

       Use of the handle of the destroyed Event Dispatcher in any consequent operation fails.

RETURN VALUES
       DAT_SUCCESS           The operation was successful.

       DAT_INVALID_HANDLE    The evd_handle parameter is invalid.

       DAT_INVALID_STATE     Invalid parameter. There are Event Streams associated with the Event Dispatcher feeding it.

USAGE
       Consumers are advised to destroy all Objects that originate Event Streams that feed an instance of the Event Dispatcher before destroying it. An exception to this rule is Event Dispatchers of an IA. Freeing an IA automatically destroys all Objects associated with it directly and indirectly, including Event Dispatchers.

ATTRIBUTES
       See attributes(5) for descriptions of the following attributes:

       +-----------------------------+-----------------------------+
       |       ATTRIBUTE TYPE        |       ATTRIBUTE VALUE       |
       +-----------------------------+-----------------------------+
       |Interface Stability          |Standard: uDAPL, 1.1, 1.2    |
       +-----------------------------+-----------------------------+
       |MT-Level                     |Unsafe                       |
       +-----------------------------+-----------------------------+

SEE ALSO
       libdat(3LIB), attributes(5)

SunOS 5.10                          16 Jul 2004                 dat_evd_free(3DAT)