Английская Википедия:Alert correlation

Материал из Онлайн справочника
Перейти к навигацииПерейти к поиску

Шаблон:Short description Шаблон:Multiple issues Alert correlation is a type of log analysis. It focuses on the process of clustering alerts (events), generated by NIDS and HIDS computer systems, to form higher-level pieces of information.

Example of simple alert correlation is grouping invalid login attempts to report single incident like "10000 invalid login attempts on host X".

See also

Шаблон:Improve categories


Шаблон:Computer-security-stub