An event that results from the correlation of rules generated by the association rules engine as it processes data from the monitoring systems.
AIOps stands for Artificial Intelligence Operations, the process of using machine learning to improve business operations management.
Tickets that are closed automatically by the auto validation framework.
Tickets that are resolved automatically without any manual intervention.
Class / Subclass / Category / Subcategory
Class and sub-class are the domains where the issue is reported to the tenant. They answer the question “Where was the issue reported?”
Category and sub-category are the problem statements that define the exact issue. They answer the question “What is the issue?”
For example, Network -> Router -> Device Health -> Device Down. In this case, Network is the class, Router is a sub-class, Device Health is the category and Device Down is a sub-category.
Resolution Intelligence automation engines provide additional information to facilitate faster ticket resolution.
Event correlation ingests monitoring alerts, alarms, and other event signals to detect meaningful patterns in the data and to identify incidents and outages.
Manual tagging of tickets based on analysis done by an analyst. Classifications typically include noise, outage, preventive action, etc.
Resolution Intelligence enables automation to create, process, and implement change requests, which avoids manual effort and improves the customer experience.
Determines the accuracy of alerts that come from the source systems based on the rules set up in the Chronicle Content Management System.
These are generated by the rules defined in the Chronicle CMS, which allow multiple similar alerts to be correlated and merged into a single incident.
Non-numerical data on which calculations cannot be performed. A few examples of dimensions are name, day, country, etc. Customization allows you to choose the dimensions that are displayed on the widgets.
The assets or domain names that encounter one or more MITRE ATT&CK detection tactics and techniques.
The proof (a malicious domain or file) that triggers the alerts from the integrated systems and sources.
A stage in the ticket lifecycle in which a ticket is handed over to the customer for resolution or for more information.
Determines the damage that occurs to the asset due to the threat of concern.
Determines whether the threat events and exposure of concern result in adverse impacts, based on the behavior of the MITRE tactics.
Engineers validate and close the tickets manually before notifying the tenant.
The calculated numerical value that represents the count of a particular parameter, such as incident count, asset count, etc. The platform gives you the flexibility to select your own metrics in the widgets as per your requirements.
MITRE Adversarial Tactics, Techniques, and Common Knowledge.
Metrics capture a value pertaining to your systems at a specific point in time.
Tickets that are notified to the tenants.
The false alarms generated by the system that affect the device’s performance.
Efforts are made to reduce the noise in an IT infrastructure to improve the performance of the system.
PSA enabled ticket
Tickets notified to the customer that contain the PSA flag.
Logical tagging of critical devices to the business. It helps you understand which part of the business or which business processes are impacted when a particular device is not functioning.
The source system heals the events automatically and notifies the monitoring system.
A process that helps you identify, segregate, and analyze incoming events or incidents from the external environment in order to mitigate the risk to the organization.
Signals, also known as alerts, are notifications that specific events took place.