Top Qs

Timeline

Chat

Perspective

Alert correlation

Type of log analysis From Wikipedia, the free encyclopedia

Remove ads

Alert correlation is a type of log analysis. It focuses on the process of clustering alerts (events), generated by NIDS and HIDS computer systems, to form higher-level pieces of information.

This article has multiple issues. Please help improve it or discuss these issues on the talk page. (Learn how and when to remove these messages)

The topic of this article may not meet Wikipedia's general notability guideline. (January 2012)

This article does not cite any sources. (January 2012)

Example of simple alert correlation is grouping invalid login attempts to report single incident like "10000 invalid login attempts on host X".

Remove ads

See also

This article needs additional or more specific categories. (March 2023)

This computer security article is a stub. You can help Wikipedia by expanding it.

Loading related searches...

Wikiwand - on

Seamless Wikipedia browsing. On steroids.

Remove ads