Information technology managers often must monitor and manage an information technology architecture consisting of a large number of systems for failures, security breaches, and network utilization. Often these systems generate a large amount of data that is stored in log files that can be used to reconstruct the mode of failure, how a security breach occurred, or the historical performance of the systems. Many systems may send the data simultaneously to a monitoring system.
Information in the data often includes the local time and date on the system that sent the data, along with accompanying information, such as that a particular user has logged in, that a security event has been detected, or that failures are occurring in a subcomponent of the system. The data may be sent from the systems using various types of network protocols including transmission control protocol/internet protocol (TCP/IP), syslog, asynchronous transfer mode (ATM), or user datagram protocol (UDP). Further, the data could be received at the monitoring system through wired or wireless network connections.