GFI EventsManager classifies events in 5 categories;
- Noise (unwanted or repeated log entries)
Event classification is based on the configuration of the rules that are executed against the collected logs. Events that don't satisfy any event classification conditions are tagged as unclassified and can be set to trigger the same alerts and actions available for classified events.
Event Processing, classification and actions flowchart
The flowchart chart below illustrates the Event Processing stages performed by GFI EventsManager.