Unified Logging Architecture for Performance and Cybersecurity Monitoring

We propose to develop an open, highly scalable, extensible and secure unified logging architecture for performance and cybersecurity monitoring for Naval Control Systems (NCSs). The primary goal of this architecture is to realize a centralized logging infrastructure for monitoring the status of the entire NCS through collecting and aggregating logs from all subsystems. It will be built upon widely deployed open standards-based, real-time, secure technology. Our solution will provide: 1) an extensible and pluggable log aggregation service, 2) heterogeneous platform support, and 3) easy integration with real-time visualization and analytics.At a high level, our solution will collect logs for performance and security from all heterogeneous nodes in sub-systems of NCS. Collected logs will be delivered to a log aggregation service streaming down via unified logging databus. The log aggregation service then collect and route them to databases and data pipelines for analysis, archiving, and visualization.