The multi-source heterogeneous log analysis technology is one of the hottest topics in the area of network security in recent years,which attracts the interest of more and more domestic and abroad researchers.According to the characteristics of multi-source log in network system,a multi-source heterogeneous log analysis model which composed of focused analysis,statistical analysis and causality correlation analysis is proposed in this paper.Importance Evaluation method is introduced to the focused analysis for log information and an example is given to illustrate it,then causality correlation algorithm for multi-source log is discussed.Finally an example of actual network data is given to validate the comprehensive analysis model and algorithm.The results show that this model and algorithm is feasible and effective.