Abstract: A processing pipeline for supporting advanced analytics for network monitoring and information management as well as specific analytics for particular use cases. The processing pipeline 500 takes in system data (502) and pre-processes (504) the system data. The system data (502) may include any of the types of data described above including text log files, and categorical data from various sources. The illustrated processing pipeline 500 includes two branches; a data modeling branch (506) where a model is developed for the data and a data evaluation branch (508) where the developed model is leveraged to evaluate live data. For certain event detection use cases, the output of the data evaluation branch (508) includes a score (510) (e.g., a threat level score) and context information for evaluating the threat.

Abstract: An advanced intelligence engine (AIE) for use in identifying what may be complex events or developments on one or more data platforms or networks from various types of structured or normalized data generated by one or more disparate data sources. The AIE may conduct one or more types of quantitative, correlative, behavioral and corroborative analyses to detect events from what may otherwise be considered unimportant or non-relevant information spanning one or more time periods. Events generated by the AIE may be passed to an event manager to determine whether further action is required such as reporting, remediation, and the like.

Abstract: A processing pipeline for supporting machine-learning processes for network monitoring and information management as well as specific analytics for particular use cases. The processing pipeline 500 takes in system data (502) and pre-processes (504) the system data. The system data (502) may include any of the types of data described above including text log files, and categorical data from various sources. The illustrated processing pipeline 500 includes two branches; a data fitting branch (506) where a model is developed for the data and a data transformation branch (508) where the developed model is leveraged to transform live data. For certain event detection use cases, the output of the data transformation branch (508) includes a score (510) (e.g., a threat level score) and an attribution (512).

Abstract: A processing pipeline for supporting machine-learning processes for network monitoring and information management as well as specific analytics for particular use cases. The processing pipeline 500 takes in system data (502) and pre-processes (504) the system data. The system data (502) may include any of the types of data described above including text log files, and categorical data from various sources. The illustrated processing pipeline 500 includes two branches; a data fitting branch (506) where a model is developed for the data and a data transformation branch (508) where the developed model is leveraged to transform live data. For certain event detection use cases, the output of the data transformation branch (508) includes a score (510) (e.g., a threat level score) and an attribution (512).

Abstract: An advanced intelligence engine (AIE) for use in identifying what may be complex events or developments on one or more data platforms or networks from various types of structured or normalized data generated by one or more disparate data sources. The AIE may conduct one or more types of quantitative, correlative, behavioral and corroborative analyses to detect events from what may otherwise be considered unimportant or non-relevant information spanning one or more time periods. Events generated by the AIE may be passed to an event manager to determine whether further action is required such as reporting, remediation, and the like.

Abstract: An advanced intelligence engine (AIE) for use in identifying what may be complex events or developments on one or more data platforms or networks from various types of structured or normalized data generated by one or more disparate data sources. The AIE may conduct one or more types of quantitative, correlative, behavioral and corroborative analyses to detect events from what may otherwise be considered unimportant or non-relevant information spanning one or more time periods. Events generated by the AIE may be passed to an event manager to determine whether further action is required such as reporting, remediation, and the like.

Abstract: A processing pipeline for supporting advanced analytics for network monitoring and information management as well as specific analytics for particular use cases. The processing pipeline 500 takes in system data (502) and pre-processes (504) the system data. The system data (502) may include any of the types of data described above including text log files, and categorical data from various sources. The illustrated processing pipeline 500 includes two branches; a data modeling branch (506) where a model is developed for the data and a data evaluation branch (508) where the developed model is leveraged to evaluate live data. For certain event detection use cases, the output of the data evaluation branch (508) includes a score (510) (e.g., a threat level score) and context information for evaluating the threat.

Abstract: An advanced intelligence engine (AIE) for use in identifying what may be complex events or developments on one or more data platforms or networks from various types of structured or normalized data generated by one or more disparate data sources. The AIE may conduct one or more types of quantitative, correlative, behavioral and corroborative analyses to detect events from what may otherwise be considered unimportant or non-relevant information spanning one or more time periods. Events generated by the AIE may be passed to an event manager to determine whether further action is required such as reporting, remediation, and the like.

Abstract: A processing pipeline for supporting advanced analytics for network monitoring and information management as well as specific analytics for particular use cases. The processing pipeline 500 takes in system data (502) and pre-processes (504) the system data. The system data (502) may include any of the types of data described above including text log files, and categorical data from various sources. The illustrated processing pipeline 500 includes two branches; a data modeling branch (506) where a model is developed for the data and a data evaluation branch (508) where the developed model is leveraged to evaluate live data. For certain event detection use cases, the output of the data evaluation branch (508) includes a score (510) (e.g., a threat level score) and context information for evaluating the threat.

Abstract: An advanced intelligence engine (AIE) for use in identifying what may be complex events or developments on one or more data platforms or networks from various types of structured or normalized data generated by one or more disparate data sources. The AIE may conduct one or more types of quantitative, correlative, behavioral and corroborative analyses to detect events from what may otherwise be considered unimportant or non-relevant information spanning one or more time periods. Events generated by the AIE may be passed to an event manager to determine whether further action is required such as reporting, remediation, and the like.

Abstract: Tools for use in obtaining useful information from processed log messages generated by a variety of network platforms (e.g., Windows servers, Linux servers, UNIX servers, databases, workstations, etc.). The log messages may be processed by one or more processing platforms or “log managers” using any appropriate rule base to identify “events” (i.e., log messages of somewhat heightened importance), and one or more “event managers” may analyze the events to determine whether alarms should be generated therefrom. The tools may be accessed via any appropriate user interface of a console that is in communication with the various log managers, event managers, etc., to perform numerous tasks in relation to logs, events and alarms.

Abstract: A processing pipeline for supporting advanced analytics for network monitoring and information management as well as specific analytics for particular use cases. The processing pipeline 500 takes in system data (502) and pre-processes (504) the system data. The system data (502) may include any of the types of data described above including text log files, and categorical data from various sources. The illustrated processing pipeline 500 includes two branches; a data modeling branch (506) where a model is developed for the data and a data evaluation branch (508) where the developed model is leveraged to evaluate live data. For certain event detection use cases, the output of the data evaluation branch (508) includes a score (510) (e.g., a threat level score) and context information for evaluating the threat.

Abstract: A processing pipeline for supporting machine-learning processes for network monitoring and information management as well as specific analytics for particular use cases. The processing pipeline 500 takes in system data (502) and pre-processes (504) the system data. The system data (502) may include any of the types of data described above including text log files, and categorical data from various sources. The illustrated processing pipeline 500 includes two branches; a data fitting branch (506) where a model is developed for the data and a data transformation branch (508) where the developed model is leveraged to transform live data. For certain event detection use cases, the output of the data transformation branch (508) includes a score (510) (e.g., a threat level score) and an attribution (512).

Abstract: An advanced intelligence engine (AIE) for use in identifying what may be complex events or developments on one or more data platforms or networks from various types of structured or normalized data generated by one or more disparate data sources. The AIE may conduct one or more types of quantitative, correlative, behavioral and corroborative analyses to detect events from what may otherwise be considered unimportant or non-relevant information spanning one or more time periods. Events generated by the AIE may be passed to an event manager to determine whether further action is required such as reporting, remediation, and the like.

Abstract: An advanced intelligence engine (AIE) for use in identifying what may be complex events or developments on one or more data platforms or networks from various types of structured or normalized data generated by one or more disparate data sources. The AIE may conduct one or more types of quantitative, correlative, behavioral and corroborative analyses to detect events from what may otherwise be considered unimportant or non-relevant information spanning one or more time periods. Events generated by the AIE may be passed to an event manager to determine whether further action is required such as reporting, remediation, and the like.

Abstract: An advanced intelligence engine (AIE) for use in identifying what may be complex events or developments on one or more data platforms or networks from various types of structured or normalized data generated by one or more disparate data sources. The AIE may conduct one or more types of quantitative, correlative, behavioral and corroborative analyses to detect events from what may otherwise be considered unimportant or non-relevant information spanning one or more time periods. Events generated by the AIE may be passed to an event manager to determine whether further action is required such as reporting, remediation, and the like.

Abstract: Tools for use in obtaining useful information from processed log messages generated by a variety of network platforms (e.g., Windows servers, Linux servers, UNIX servers, databases, workstations, etc.). The log messages may be processed by one or more processing platforms or “log managers” using any appropriate rule base to identify “events” (i.e., log messages of somewhat heightened importance), and one or more “event managers” may analyze the events to determine whether alarms should be generated therefrom. The tools may be accessed via any appropriate user interface of a console that is in communication with the various log managers, event managers, etc., to perform numerous tasks in relation to logs, events and alarms.

Abstract: Tools for use in obtaining useful information from processed log messages generated by a variety of network platforms (e.g., Windows servers, Linux servers, UNIX servers, databases, workstations, etc.). The log messages may be processed by one or more processing platforms or “log managers” using any appropriate rule base to identify “events” (i.e., log messages of somewhat heightened importance), and one or more “event managers” may analyze the events to determine whether alarms should be generated therefrom. The tools may be accessed via any appropriate user interface of a console that is in communication with the various log managers, event managers, etc., to perform numerous tasks in relation to logs, events and alarms.

Abstract: An advanced intelligence engine (AIE) for use in identifying what may be complex events or developments on one or more data platforms or networks from various types of structured or normalized data generated by one or more disparate data sources. The AIE may conduct one or more types of quantitative, correlative, behavioral and corroborative analyses to detect events from what may otherwise be considered unimportant or non-relevant information spanning one or more time periods. Events generated by the AIE may be passed to an event manager to determine whether further action is required such as reporting, remediation, and the like.

Abstract: An advanced intelligence engine (AIE) for use in identifying what may be complex events or developments on one or more data platforms or networks from various types of structured or normalized data generated by one or more disparate data sources. The AIE may conduct one or more types of quantitative, correlative, behavioral and corroborative analyses to detect events from what may otherwise be considered unimportant or non-relevant information spanning one or more time periods. Events generated by the AIE may be passed to an event manager to determine whether further action is required such as reporting, remediation, and the like.