JP2014056346A - Log storage system, method of generating archive log, and program - Google Patents

Abstract

PROBLEM TO BE SOLVED: To provide a technology for selectively storing log information in accordance with a user's credibility.SOLUTION: A log storage system comprising a user terminal 101, and a log object server 103 and a log storage control server 106 which are connected to the user terminal 101 through a network 102. The log object server 103 transmits a log 105 to be outputted when the log object server 103 is utilized to the log storage control server 106, and the log storage control server 106 has a credibility determination unit 108 for determining the credibility 109 of a user who uses the log object server 103 from the log 105, and an archive log generation unit 110 for comparing the credibility reference of each item constituting the log 105 with the credibility 109, and storing an item whose credibility reference is higher than the credibility 109 to generate an archive log 111.

Description

  The present invention relates to a log storage system, a storage log generation method, and a program.

  In recent information systems, the progress of cloud computing and market penetration is remarkable. This cloud computing (hereinafter referred to as “cloud”) is a technology for using each IT resource as a service through a network, instead of possessing IT resources of various layers such as software, middleware, and hardware. When using such a cloud service, the user does not need to know what processing is being performed by the hardware and applications that make up the cloud. From the cloud provider's perspective, there is no need to know what kind of work or data the user is using.

  However, as a cloud business operator, it is necessary to collect and manage a log such as a failure log for the purpose of stabilizing system operation in order to comply with SLA (Service Level Agreement) with a user.

  Furthermore, an example of the increasing importance of logs is the use of logs for auditing, which proves the normality of the system for the purpose of internal control and financial auditing. The audit log is required to accumulate a normal log. In this case, the amount of log information increases, and measures such as log compression are required.

  As a background art in this technical field, there is JP-A-2007-141171 (Patent Document 1). This publication states that “It is possible to detect whether or not there has been an illegal act on the log information by multiple management of the same log information by different management devices”. Moreover, there exists Unexamined-Japanese-Patent No. 2006-221617 (patent document 2). This gazette states that “the file compression unit compresses the audit log file in the local storage medium at a predetermined timing. Further, the log management unit transfers the automatically compressed audit log file to the external storage medium and stores it locally. The data in the medium is deleted. " Moreover, there exists 2010-39878 gazette (patent document 3). This gazette states that “a large amount of logs are separated into summary logs and other detailed logs according to their similarity and presence / absence of results. Maintain, and reduce the load of computing resources such as a CPU and a storage device ”.

JP 2007-141171 A JP 2006-221617 A JP 2010-39878 A

  In general, cloud services must be used by an unspecified number of users, and the same content must be used for various purposes. Furthermore, due to the nature of providing cloud services via the Internet, use from overseas users must also be assumed. Here, for overseas users, it is necessary to consider the risks in the export management rules of the cloud operator, and the degree of credit of the users (hereinafter referred to as credit ratings) is evaluated based on the export management rules. In such a case, the collection of audit logs may not be necessary depending on the user, but the amount of log information can be obtained by collecting all the detailed logs even for users who have no problem from the trustworthiness level. There is a problem that becomes enormous.

  Further, the methods such as Patent Document 2 and Patent Document 3 have a problem that the load of calculation resources such as a CPU (Central Processing Unit), a storage device, and a network increases.

  Therefore, the present invention solves the conventional problems, and a typical object thereof is to provide a technique for selecting and storing log information according to the user's reliability.

  The above and other objects and novel features of the present invention will be apparent from the description of this specification and the accompanying drawings.

  Of the inventions disclosed in the present application, the outline of typical ones will be briefly described as follows.

  The present invention is a log storage system including a user terminal, a log target server connected to the user terminal via a network, and a log storage control server. When the log target server is used, The log to be output is transmitted to the log storage control server.

  Then, the log storage control server compares the reliability with a reliability specifying unit that specifies the reliability of the user who uses the log target server from the log, the reliability reference of each item constituting the log, and the reliability. The above-described problem is solved by having a storage log generation unit that generates a storage log by storing an item whose reference is higher than the trustworthiness.

  The present invention can also be applied to a method by a system for determining an item to be excluded from the storage target and a program for causing a computer to function as a system for determining an item to be excluded from the storage target.

  Among the inventions disclosed in the present application, effects obtained by typical ones will be briefly described as follows.

  Log information can be selected and stored according to the user's credit rating.

It is a figure which shows the outline | summary of the structural example of the log storage system in one embodiment of this invention. FIG. 2 is a diagram illustrating a configuration example of a log output by an application in the log storage system of FIG. 1. FIG. 3 is a diagram illustrating a configuration example of a trustworthiness correspondence table in the log storage system of FIG. 1. FIG. 2 is a diagram illustrating an outline of a configuration example of a reliability specifying unit in the log storage system of FIG. 1. FIG. 2 is a diagram illustrating an example of a processing flow of a reliability specifying unit in the log storage system of FIG. 1. FIG. 2 is a diagram illustrating an outline of a configuration example of a storage log generation unit in the log storage system of FIG. 1. FIG. 3 is a diagram illustrating a configuration example of a trustworthiness reference list in the log storage system of FIG. 1. FIG. 3 is a diagram illustrating a configuration example of a reliability reference correspondence table stored in a storage log generation unit in the log storage system of FIG. 1. In the log storage system of FIG. 1, it is a figure which shows the example of a log mask production | generation (when a user's reliability is "H"). FIG. 3 is a diagram illustrating a log mask generation example (when a user's credit rating is “M”) in the log storage system of FIG. 1. FIG. 3 is a diagram illustrating a log mask generation example (when a user's credit rating is “L”) in the log storage system of FIG. 1. FIG. 3 is a diagram illustrating an example of generation of a storage log (when a user's reliability is “H”) in the log storage system of FIG. 1. FIG. 3 is a diagram illustrating a generation example of a storage log (when a user's credit rating is “M”) in the log storage system of FIG. 1. FIG. 3 is a diagram illustrating an example of generation of a storage log (when a user's credit rating is “L”) in the log storage system of FIG. 1. FIG. 2 is a diagram illustrating an example of a processing flow of a storage log determination unit in the log storage system of FIG. 1.

  Hereinafter, embodiments of the present invention will be described in detail with reference to the drawings. Note that components having the same function are denoted by the same reference symbols throughout the drawings for describing the embodiment, and the repetitive description thereof will be omitted.

<System configuration>
FIG. 1 is a diagram showing an outline of a configuration example of a log storage system 10 according to the present embodiment. 1, the log storage system 10 includes, for example, a user terminal 101, a log target server 103 and a log storage control server 106 connected to the user terminal 101 via the network 102, and a log connected to the log storage control server 106. A database 113 and an administrator terminal 115 connected to the log storage control server 106 are provided. FIG. 1 shows an example in which the log target server 103 and the log storage control server 106 are configured on a one-to-one basis, but the log target server 103 is configured by a single log storage control server 106 for a plurality of log target servers 103. Also good. Further, although an example in which the user terminal 101 and the log target server 103 are configured on a one-to-one basis is illustrated, the log target server 103 may be configured by one user terminal for a plurality of user terminals 101. Furthermore, the log target server 103 and the log storage control server 106 may be configured by one server device.

  Further, the user terminal 101, the log target server 103, the log storage control server 106, the log database 113, and the administrator terminal 115 are implemented by predetermined hardware and software. For example, the user terminal 101, the log target server 103, the log storage control server 106, the log database 113, and the administrator terminal 115 have a processor, a memory, and the like, and various functions to be described later are executed by executing a program on the memory by the processor. Realize.

  The log target server 103 transmits the log 105 output from the application 104 to the log storage control server 106.

  The log storage control server 106 includes a log input unit 107, a reliability specifying unit 108, a storage log generation unit 110, a log output unit 112, and a log display information generation unit 114.

  The log input unit 107 receives the log 105 transmitted from the log target server 103. Then, the log input unit 107 transmits the received log 105 to the reliability specifying unit 108 and the storage log generation unit 110.

  The reliability specifying unit 108 (described later, FIG. 4) specifies the user ID 301 from the received log 105. Then, the trustworthiness specifying unit 108 transmits the trustworthiness 109 corresponding to the user ID 301 to the storage log generating unit 110.

  The storage log generation unit 110 (described later, FIG. 6) generates a storage log 111 in which items of the log 105 to be stored are selected according to the user's trustworthiness 109. Then, the storage log generation unit 110 transmits the storage log 111 to the log output unit 112.

  The log output unit 112 outputs the storage log 111 to the log database 113.

  The log database 113 transmits the stored storage log 111 to the log display information generation unit 114.

  The log display information generation unit 114 generates display information for displaying the received storage log 111 on the user terminal 101. The generated display information is transmitted to the user terminal 101.

  The user terminal 101 analyzes the received display information and displays the storage log 111.

  The log display information generation unit 114 may generate display information only for the log of the user terminal 101 (user) in response to a log display request from the user terminal 101 (user).

  Further, the log display information generation unit 114 outputs the log in the log database 113 to the administrator terminal 115 that manages the log storage control server 106. The log display information generation unit 114 may generate display information for displaying the received storage log on the administrator terminal 115.

<Constitution of creditworthiness identification part>
FIG. 4 is a diagram showing an outline of a configuration example of the reliability specifying unit 108. The creditworthiness specifying unit 108 includes a user specifying unit 401, a customer database 402, a creditworthiness extracting unit 404, and a creditworthiness correspondence table 405.

  The customer database 402 stores a user name of a user who uses the application 104 and a user ID 301 in association with each other. Further, the customer database 402 stores the IP address of the user terminal 101 and the user ID 301 in association with each other.

  The trustworthiness correspondence table 405 stores the user ID 301 and the trustworthiness 109 in association with each other.

  The user specifying unit 401 receives the log 105 transmitted from the log input unit 107. Then, the user specifying unit 401 extracts the corresponding user ID 301 from the customer database 402 from the user name of the user stored in the received log 105 or the IP address of the user terminal 101. Then, the user identification unit 401 transmits the identified user ID 301 to the credit extraction unit 404.

  The trustworthiness extraction unit 404 extracts the trustworthiness 109 corresponding to the user ID 301 received from the user specifying unit 401 from the trustworthiness correspondence table 405. Then, the extracted reliability 109 is transmitted to the storage log generation unit 110.

<Storage log generation unit configuration>
FIG. 6 is a diagram illustrating an outline of a configuration example of the storage log generation unit 110. The storage log generation unit 110 includes a log ID identification unit 601, a credit reference list extraction unit 603, a credit reference correspondence table 604, a log mask generation unit 606, and a storage log generation unit 608.

  The log ID specifying unit 601 specifies the log ID 602 of the log 105 to be received. Then, the log ID specifying unit 601 transmits the specified log ID 602 to the reliability reference list extracting unit 603.

  The trustworthiness reference list extraction unit 603 searches the trustworthiness reference correspondence table 604 (described later, FIG. 8) using the log ID 602 received from the log ID specifying unit 601 as a key. Then, the trustworthiness reference list 605 (described later, FIG. 7) extracted from the trustworthiness reference correspondence table 604 is transmitted to the log mask generation unit 606.

  The log mask generation unit 606 generates a log mask 607 (described later, FIG. 9, FIG. 10) from each credit reference 820 of the trust reference list 605 received from the trust reference list extraction unit 603 and the trust 109 received from the trust specifying unit 108. FIG. 11) is generated.

  Specifically, the log mask generation unit 606 generates a log mask for excluding items whose creditworthiness reference 820 is equal to the user's trustworthiness 109 or items whose user trustworthiness 109 is lower than the trustworthiness reference 820 from the storage target. Generate. Then, the log mask generation unit 606 transmits the generated log mask 607 to the storage log generation unit 608.

  The storage log generation unit 608 generates the storage log 111 based on the log mask 607. Specifically, the storage log generation unit 608 generates the storage log 111 by excluding the item information 201 of the corresponding log 105 from the storage target based on the log mask 607. Then, the storage log generation unit 608 transmits the generated storage log 111 to the log output unit 112.

<Data configuration (1): Log configuration>
FIG. 2 shows a configuration example of the log 105 output from the application 104. The log 105 includes items such as [Item 1], [Item 2], [Item 3], [Item 4], [Item 5], [Item 6], and stores item information 201 corresponding to each item. To do. [Item 1] indicates the date and time when the application 104 outputs the log 105. [Item 2] indicates the application name of the application 104 that has output the log. [Item 3] indicates user information which is the user name of the user who uses the application 104 or the IP address of the user terminal 101 which uses the application 104. [Item 4] indicates processing (e-mail transmission, Web reference, etc.) performed by the application 104. [Item 5] indicates success or failure of processing performed by the application 104. [Item 6] indicates the usage amount of the resource (time, data amount).

<Data structure (2): Structure of credit rating correspondence table>
FIG. 3 shows a configuration example of the trustworthiness correspondence table 405 stored in the trustworthiness specifying unit 108. The trustworthiness correspondence table 405 stores [trustworthiness] in association with each [user ID]. [User ID] is a symbol for identifying a user who uses the application 104. [Trustworthiness] indicates a trustworthiness 109 indicating the degree of trust of the user. The reliability 109 is determined by performing user evaluation based on, for example, export management regulations.

  Here, in FIG. 3, the trustworthiness 109 is represented in three stages of “L”, “M”, and “H”. In the example of FIG. 3, “L” has the lowest trustworthiness and “H” has the highest trustworthiness, and “M” has a trustworthiness 109 in the middle of “L” and “H”.

  Note that the reliability 109 may be defined by selecting any value as long as it is binary or higher. For example, the user's trustworthiness 109 may be divided into 10 levels such as “1” to “10”.

  Further, the trustworthiness correspondence table 405 can be created prior to the provision of the cloud service to the user. For example, when a user applies for the use of a cloud service, first, the user ID 301 of the user is determined, and the trustworthiness correspondence table 405 is created by specifying the trustworthiness 109 of the user from a trustworthiness database (not shown). May be.

<Data configuration (3): Configuration of creditworthiness reference correspondence table>
FIG. 8 shows a configuration example of the trustworthiness reference correspondence table 604 stored in the storage log generation unit 110. The reliability reference correspondence table 604 associates each log ID 602 with the credit reference 820 for each item [item 1], [item 2], [item 3], [item 4], [item 5], and [item 6]. Remember. [Log ID] is a symbol for identifying a log, and the trustworthiness reference list extraction unit 603 extracts a trustworthiness reference list that matches the log ID. When there is no corresponding log ID 602, a credit reference list corresponding to the log X is output.

  Here, the trustworthiness reference 820 serves as a criterion for determining whether or not to save the item information 201 of the corresponding item by comparing with the trustworthiness 109. In FIG. 8, “Ref_L”, “Ref_M”, “ Ref_L ”. For example, “Ref_L” means that the credit reference 820 is the lowest and “Ref_H” means the highest, and “Ref_M” means the credit reference 820 is between “Ref_L” and “Ref_H”.

  Further, the credit quality reference 820 and the credit quality 109 have “Ref_L” equal to “L”, “Ref_M” equal to “M”, and “Ref_H” equal to “H”.

  The reliability reference 820 may be selected and defined as long as it is binary or higher. For example, the user's trustworthiness reference 820 may be divided into 10 levels such as “1” to “10”.

<Structure of credit reference list>
FIG. 7 shows a configuration example of the trustworthiness reference list 605. The credit quality reference list 605 includes items [item 1], [item 2], [item 3], [item 4], [item 5], and [item 6] of the log ID 602 extracted by the credit quality reference list extraction unit 603. And the credit reference 820 are stored in association with each other.

<Processing (1): Processing Flow of Credit Rating Part>
FIG. 5 shows the processing of the trustworthiness specifying unit 108 from when the log 105 is input from the log input unit 107 to when the trustworthiness 109 is output (S indicates a processing step or the like). First, in S50, when the log 105 is input to the user specifying unit 401, the user specifying unit 401 stores user information such as the user name and the IP address of the user terminal 101 stored in the log 105 (the item in FIG. 2). The customer database 402 is searched using 3) as a key, and the user ID 301 is extracted. The user identification unit 401 transmits the extracted user ID 301 to the credit extraction unit 404.

  Next, in S <b> 51, the trustworthiness extraction unit 404 searches the trustworthiness correspondence table 405 using the received user ID 301 as a key, and extracts the trustworthiness 109 corresponding to the matching user ID 301.

  Then, the trustworthiness extraction unit 404 transmits the extracted trustworthiness 109 to the storage log generation unit 110.

<Processing (2): Processing Flow of Saving Log Generation Unit>
FIG. 15 illustrates processing of the storage log generation unit 110 from when the log 105 is input to when the storage log 111 is output.

  First, in S <b> 150, the log ID specifying unit 601 receives the log 105 from the log input unit 107. Then, the log ID 602 is specified from the received log 105. Next, the log ID specifying unit 601 transmits the specified log ID 602 to the reliability reference list extracting unit 603.

  Next, in S151, the trustworthiness reference list extraction unit 603 searches the trustworthiness reference correspondence table 604 using the received log ID 602 as a key. Then, the trustworthiness reference list extraction unit 603 extracts the trustworthiness reference list 605 that matches the key (log ID 602) from the trustworthiness reference correspondence table 604. Next, the trustworthiness reference list extraction unit 603 transmits the extracted trustworthiness reference list 605 to the log mask generation unit 606.

  Next, in S152, the log mask generation unit 606 determines the log mask 607 (described later with reference to FIGS. 9 and 10) from each credit reference 820 of the received credit reference list 605 and the credit 109 received from the credit specifying unit 108. FIG. 11) is generated. Specifically, the log mask generation unit 606 compares each credibility reference 820 with the credibility 109. Then, a log mask is generated for excluding an item corresponding to an item for which the trustworthiness reference 820 is equal to the trustworthiness 109 or an item for which the trustworthiness 109 is lower than the trustworthiness reference 820 from the storage target. Then, the log mask generation unit 606 transmits the generated log mask 607 to the storage log generation unit 608.

  In step S153, the storage log generation unit 608 generates the storage log 111 based on the received log mask 607. Specifically, the storage log generation unit 608 excludes the corresponding log 105 items from the storage target based on the log mask 607 and stores only the items that are not excluded from the storage target, thereby storing the storage log 111. Is generated. Then, the storage log generation unit 608 transmits the generated storage log 111 to the log output unit 112.

<Example of log mask generation>
9 to 11 are diagrams illustrating examples of the log mask 607. FIG.

  FIG. 9 shows an example in which the trustworthiness reference list 605 whose log ID 602 is “1” is extracted from the trustworthiness reference correspondence table 604 and the user trustworthiness 109 is “H”.

  First, the reliability reference 820 of [Item 1] is “Ref_L”, which is lower than the reliability “H”. Next, the reliability reference 820 of [Item 2] is “Ref_M”, which is lower than the reliability “H”. Next, the reliability reference 820 of [Item 3] is “Ref_M”, which is lower than the reliability “H”. Next, the reliability reference 820 of [Item 4] is “Ref_L”, which is lower than the reliability “H”. Next, the reliability reference 820 of [Item 5] is “Ref_L”, which is lower than the reliability “H”. Next, the reliability reference 820 of [Item 6] is “Ref_H”, which is equal to the reliability “H”. Therefore, the log mask generation unit 606 excludes the item information 201 of [Item 1], [Item 2], [Item 3], [Item 4], and [Item 5] from the save target, and the item of [Item 6]. A log mask 607 for storing the information 201 is created.

  FIG. 10 shows an example in which the trustworthiness reference list 605 whose log ID 602 is “1” is extracted from the trustworthiness reference correspondence table 604 and the user trustworthiness 109 is “M”.

  First, the reliability reference 820 of [Item 1] is “Ref_L”, which is lower than the reliability “M”. Next, the reliability reference 820 of [Item 2] is “Ref_M”, which is equal to the reliability “M”. Next, the trustworthiness reference 820 of [Item 3] is “Ref_M”, which is equal to the trustworthiness “M”. Next, the reliability reference 820 of [Item 4] is “Ref_L”, which is lower than the reliability “M”. Next, the reliability reference 820 of [Item 5] is “Ref_L”, which is lower than the reliability “M”. Next, the reliability reference 820 of [Item 6] is “Ref_H”, which is higher than the reliability “M”. Therefore, the log mask generation unit 606 excludes the item information 201 of [Item 1], [Item 4], and [Item 5] from the storage target, and the items of [Item 2], [Item 3], and [Item 6]. A log mask 607 for storing the information 201 is created.

  FIG. 11 shows an example in which the trustworthiness reference list 605 whose log ID 602 is “1” is extracted from the trustworthiness reference correspondence table 604 and the user trustworthiness 109 is “L”.

  First, the reliability reference 820 of [Item 1] is “Ref_L”, which is equal to the reliability “L”. Next, the reliability reference 820 of [Item 2] is “Ref_M”, which is higher than the reliability “L”. Next, the reliability reference 820 of [Item 3] is “Ref_M”, which is higher than the reliability “L”. Next, the reliability reference 820 of [Item 4] is “Ref_L”, which is equal to the reliability “L”. Next, the reliability reference 820 of [Item 5] is “Ref_L”, which is equal to the reliability “L”. Next, the reliability reference 820 of [Item 6] is “Ref_H”, which is higher than the reliability “L”. Accordingly, the log mask generation unit 606 stores the log mask 607 for storing the item information 201 of [Item 1], [Item 2], [Item 3], [Item 4], [Item 5], and [Item 6]. Create

<Save log generation example>
12 to 14 are diagrams illustrating examples of creating the storage log 111. FIG. The save log 111 is generated by excluding the item information 201 of the item for which “0” is input in the log mask 607 from the storage target and saving the item information 201 of the item for which “1” is input. The

  FIG. 12 shows an example in which the log 105 items are excluded from the storage targets by the log mask 607 created in the example of FIG. In the log mask 607 created in the example of FIG. 9, “0” is input in the items [Item 1], [Item 2], [Item 3], [Item 4], and [Item 5]. “1” is entered in the item 6]. Therefore, the save log generation unit 608 saves only the item information 201 of [Item 6] of the log 105 and generates the save log 111.

  FIG. 13 shows an example in which the log 105 items are excluded from the storage targets by the log mask 607 created in the example of FIG. In the log mask 607 created in the example of FIG. 10, “0” is input in the items [item 1], [item 4], and [item 5], and [item 2], [item 3], [ “1” is entered in the item 6]. Therefore, the storage log generation unit 608 generates the storage log 111 by storing only the item information 201 of [Item 2], [Item 3], and [Item 6] of the log 105.

  FIG. 14 shows an example in which the items of the log 105 are stored by the log mask 607 created in the example of FIG. In the log mask 607 created in the example of FIG. 11, “1” is input in the items of [Item 1], [Item 2], [Item 3], [Item 4], [Item 5], and [Item 6]. Has been. Therefore, the storage log generation unit 608 stores the item information 201 of [Item 1], [Item 2], [Item 3], [Item 4], [Item 5], and [Item 6] of the log 105. A save log 111 is generated.

<Effects of the present embodiment>
According to the log storage system in the present embodiment described above, log information is selected and stored according to the user's reliability. Therefore, the log can be saved as a whole by storing the log in detail for a user with low creditworthiness and storing the log with a reduced storage amount for a user with high trustworthiness.

  In addition, according to the log storage system of the present embodiment, it is possible to store the user ID 301 and binary or higher credit ratings in association with each other.

  According to the present invention, in a cloud service that is assumed to be used by an unspecified number of users, only a user who needs an audit log is collected, and the detail level of the collected log is also defined for each user. Is possible. Therefore, in the cloud service, it is possible to suppress an increase in the load of calculation resources such as a CPU, a storage device, and a network for collecting logs.

  In addition, according to the present invention, in the use from overseas users, considering the risk in the export management regulations of the cloud operator, the credit evaluation result based on the export management regulations is performed, and based on the result, for each user It is possible to define the level of detail of logs collected. Therefore, it is possible to suppress an increase in the load of computing resources such as CPUs, storage devices, and networks for log collection, while taking into account the risks in the export management regulations of cloud operators when using from overseas users become.

  As mentioned above, although the invention made | formed by this invention was concretely demonstrated based on embodiment, this invention is not limited to the said embodiment, It can change variously in the range which does not deviate from the summary. Needless to say.

  The technique of selecting and storing log information according to the user's trustworthiness according to the present invention can be used for a system, a method, and a program.

DESCRIPTION OF SYMBOLS 10 Log storage system 101 User terminal 102 Network 103 Log object server 104 Application 105 Log 106 Log storage control server 107 Log input part 108 Reliability specification part 109 Reliability 110 Storage log generation part 111 Storage log 112 Log output part 113 Log database 114 Log display information generation unit 115 administrator terminal 201 item information 301 user ID
401 User identification unit 402 Customer database 404 Credit extraction unit 405 Credit correspondence table 601 Log ID identification unit 602 Log ID
603 Credit reference list extraction unit 604 Credit reference correspondence table 605 Credit reference list 606 Log mask generation unit 607 Log mask 608 Save log generation unit 820 Credit reference

Claims (5)

A log storage system comprising a user terminal, a log target server and a log storage control server connected to the user terminal via a network,
The log target server sends a log output when used to the log storage control server,
The log storage control server
A trustworthiness specifying unit that specifies the trustworthiness of a user who uses the log target server from the log;
A credit reference for each item constituting the log and the credit rating, and a storage log generation unit that generates a storage log by storing an item whose credit reference is higher than the credit rating. Log storage system. The log storage system according to claim 1,
The creditworthiness specifying unit has a creditworthiness correspondence table in which a user ID and the creditworthiness are associated with each other,
The storage log generation unit includes a reliability reference correspondence table in which each log ID is associated with a reliability reference of each item. The log storage system according to claim 1,
The log storage system according to claim 1, wherein the reliability is two or more. A log generation method for storage in a log storage system comprising a user terminal, a log target server connected to the user terminal via a network, and a log storage control server,
A log transmission step of transmitting a log output when used by the log target server to the log storage control server;
The log storage control server compares the trustworthiness specifying step for specifying the trustworthiness of a user who uses the log target server from the log, the trustworthiness reference of each item constituting the log, and the trustworthiness reference. A storage log generation method comprising: a storage log generation step of generating a storage log by storing an item higher than the reliability. A program for causing a computer of a log storage system configured by a user terminal, a log target server and a log storage control server connected to the user terminal via a network,
A log transmission step of transmitting a log output when used by the log target server to the log storage control server;
The log storage control server compares the trustworthiness specifying step for specifying the trustworthiness of a user who uses the log target server from the log, the trustworthiness reference of each item constituting the log, and the trustworthiness reference. A program that causes the computer to execute a storage log generation step of generating a storage log by storing an item that is higher in reliability.

Images