Overview

This article provides information on the classification of events in GFI EventsManager.

Information

GFI EventsManager classifies events into 5 categories:

1. Critical
2. High
3. Medium
4. Low
5. Noise (unwanted or repeated log entries)

Event classification is based on the configuration of the rules that are executed against the collected logs. Events that do not satisfy any event classification conditions are tagged as unclassified and can be set to trigger the same alerts and actions available for classified events.

Event Processing, Classification and Actions Flowchart

The flowchart chart below illustrates the Event Processing stages performed by GFI EventsManager.