Alert correlation
Alert correlation is a type of long analysis. It focuses on the process of clustering alerts (events), generated by NIDS and HIDS computer systems, to form higher-level pieces of information.
Example of simple alert correlation is grouping invalid login attempts to report single incident like "10000 invalid login attempts on host X".
See also
This article is issued from Wikipedia - version of the Monday, July 23, 2012. The text is available under the Creative Commons Attribution/Share Alike but additional terms may apply for the media files.