Commercial banks produce logs all the time in their production and operation. The log data can directly reflect the running status of the system, and the analysis based on the log big data can maximize the hidden value, it is of great significance to the operation and maintenance, optimization and operation of application system. With the continuous development of the scale of commercial banking business, the speed and scale of the log data generated by commercial banks have increased rapidly. These logs are various in various types and formats, and are scattered on various nodes of the production system, often only when there is a problem in the system will go to the scattered nodes to find and analysis, at this time need from the huge log file, located to a system log, need to spend a lot of human time, not to mention the injection of hacker intrusion, it would erase the trace, making it impossible to trace the source, not to mention the valuable information hidden in the logs. In a word, the real data of the logging information system in the actual production process contains a lot of valid information that can reflect the operation of the application system, these information can bring important decision-making reference to the system optimization, operation and maintenance as well as operation.

In the process of communicating with many commercial banks on how to set up the log analysis platform, Hangzhou Palladium Network Technology Co. , Ltd. has summarized the following main requirements: 1. Massive logs are stored in a decentralized way, and it is time-consuming to find them afterwards. The lack of a centralized third-party platform for the collection and storage of logs is neither safe nor compliant. 2. Fast Log lookup, location analysis, which can improve the efficiency of repair failure, reduce the loss; 3. Ability to set security policy based on log type and content, prompt alerts once log matching policy is in place; 4. It Department in the company management reports and inspection of the supervisory department, the need to form a log report; 5. Log Correlation analysis, each node is independent, but an application system needs a complete log data stream to get useful information.

Palladium log security analysis system  is a new generation of log collection and analysis products based on big data technology developed by Parenti Technology Co. , Ltd. . Ilog is a log processing platform which can collect, manage and analyze all kinds of log information. It can collect huge amount of log data in the whole network, the implementation of centralized log management, real-time monitoring, alarm analysis, rapid retrieval. Ilog can not only meet the relevant laws and regulations and industry standards compliance check, but also can effectively produce a large number of log unified security management and in-depth analysis.

Massive log centralized storage through deployment of Paradi Ilog, can be automated to mass data collection and storage, to achieve the network environment of massive log data collection and unified management, the utility model eliminates the risk that the local log storage may be tampered and deleted, reduces the management cost of the scattered log storage, and improves the reliability of the log management;

Big Data Technology to achieve high-speed Retrieval Ilog using Palladium own research and development of high-speed retrieval engine based on big data applications, by matching regular expression, extracting keywords and other means of unstructured log data structure, not only ensure that each query is real-time calculation, and can be in seconds to achieve the response, to achieve a large number of log fast retrieval and accurate matching;

Visual Log Analysis Palladium can generate rich reports based on the statistical analysis of log data to achieve the analysis results visualization. Paradis provides a variety of table and graphic representations (line chart, area chart) , reducing the difficulty of log analysis for managers;

Highly Scalable Paradis supports both single point and cluster deployments to scale resources according to customer needs and reduce unnecessary waste of resources.

1. Real-time monitoring of the server and application status, quickly locate the root cause of the problem, timely detection of performance bottlenecks; 

2. Carry on the correlation analysis to the user business log, accurately depict the consumer portrait, provide the direction for the business development; 

3. Analyze the correlation of the security equipment log, track the attack path of the attacker accurately, and provide convenience for the security analyst; 

4. Record and track the running status of the network, provide technical support for users to carry out compliance construction work, and provide strong evidence for enterprises to comply with regulations.