This is an old revision of this page, as edited by SoBeeIt (talk | contribs) at 07:58, 6 August 2019 (removed broken link). The present address (URL) is a permanent link to this revision, which may differ significantly from the current revision.
 | The topic of this article may not meet Wikipedia's general notability guideline. Please help to demonstrate the notability of the topic by citing reliable secondary sources that are independent of the topic and provide significant coverage of it beyond a mere trivial mention. If notability cannot be shown, the article is likely to be merged, redirected, or deleted. Find sources: "Alert correlation" – news · newspapers · books · scholar · JSTOR (January 2012) (Learn how and when to remove this message) |
 | This article does not cite any sources. Please help improve this article by adding citations to reliable sources. Unsourced material may be challenged and removed. Find sources: "Alert correlation" – news · newspapers · books · scholar · JSTOR (January 2012) (Learn how and when to remove this message) |
Alert correlation is a type of long analysis. It focuses on the process of clustering alerts (events), generated by NIDS and HIDS computer systems, to form higher-level pieces of information.
Example of simple alert correlation is grouping invalid login attempts to report single incident like "10000 invalid login attempts on host X".
