Activity View The LANguard S.E.L.M. monitor – activity status The Activity view tab shows a graphical view indicating the number of events being collected by LANguard S.E.L.M. over time for e.g. the last 48 hours. All networks have normal operational procedures. When an abnormal activity (possible intrusion) takes place it will also increment the number of events recorded inside the event logs. By monitoring abnormal peaks in events collected you can instantly see that something strange or not normal happened inside your network. By this view can also help you restrict your analysis process to the events which happened during the time at which there was the abnormal peak in activity. For e.g. it is quite normal that the number of events collected during the night should be less than those collected during the day. If when you come in to work you fire up the monitor activity view and see a spike in activity during the night you are instantly aware that you should check out what happened during the night. The activity view can display a graph consisting of the total number of events collected from all the event logs being monitored : security / application / etc. over a period (for e.g. the last 48 hours) or the number of events collected from the security log only over the same period via the check mark "Security event log activity only."