ActOns™
An event that results from the correlation of rules generated by the association rules engine as it processes data from the monitoring systems.
AIOps
AIOps stands for Artificial Intelligence Operations, the process of using machine learning to improve business operations management.
Auto Validation
Tickets that are closed automatically by the auto validation framework.
Auto Resolution
Tickets that are resolved automatically without any manual intervention.
Class / Subclass / Category / Subcategory
Class and sub-class are the domains where the issue is reported to the tenant. They answer the question “Where was the issue reported?”
Category and sub-category are the problem statements that define the exact issue. They answer the question “What is the issue?”
For example, Network -> Router -> Device Health -> Device Down. In this case, Network is the class, Router is a sub-class, Device Health is the category and Device Down is a sub-category.
Context
The additional information that Resolution Intelligence automation engines provide to facilitate faster ticket resolution.
Correlation
Event correlation ingests monitoring alerts, alarms, and other event signals to detect meaningful patterns in the data and to identify incidents and outages.
Classification
Manual tagging of tickets based on analysis done by an analyst. Classifications typically include noise, outage, preventive action, etc.
Change Automation
Resolution Intelligence enables automation to create, process, and implement change requests, avoiding manual effort and improving the customer experience.
Confidence
Determines the accuracy of alerts that come from the source systems based on the rules set up in the Chronicle Content Management System.
Detections
Generated by the rules defined in the Chronicle CMS, which allow multiple similar alerts to be correlated and merged into a single incident.
Dimensions
Non-numerical data on which calculations cannot be performed. A few examples of dimensions are name, day, and country. Customization allows you to choose which dimensions are displayed on the widgets.
Entities
The assets or domain names that encounter one or more MITRE ATT&CK detection tactics and techniques.
Evidence
The proof (a malicious domain or file) that triggers the alerts from the integrated systems and sources.
HMSP
A stage in the ticket life cycle in which a ticket is handed over to the customer for resolution or for more information.
Impact
Determines the damage that occurs to the asset due to the threat of concern.
Likelihood
Determines how likely the threat events and exposure of concern are to result in adverse impacts, based on the behavior of the MITRE tactics.
Manual Validation
Engineers validate and close tickets manually before the tenant is notified of them.
Metrics
The calculated numerical value that represents the count of a particular parameter, such as incident count or asset count. The platform lets you select your own metrics in the widgets according to your requirements.
MITRE ATT&CK
MITRE Adversarial Tactics, Techniques, and Common Knowledge.
Monitoring metrics
Metrics capture a value pertaining to your systems at a specific point in time.
Notified incidents
Tickets about which the tenants are notified.
Noise
The false alarms generated by the system that affect the device’s performance.
Noise Reduction
Efforts made to reduce the noise in an IT infrastructure to improve the performance of the system.
PSA enabled ticket
Tickets that contain the PSA flag and are notified to the customer.
Service name
Logical tagging of critical devices to the business. It helps you understand which parts of the business or which business processes are impacted when a particular device is not functioning.
Self heal
The source system heals the events automatically and notifies the monitoring system.
Situation Analysis
A process that helps you identify, segregate, and analyze incoming events or incidents from the external environment in order to mitigate the risk to the organization.
Signals
Signals, also known as alerts, are notifications that specific events took place.
Inference
Inference extracts sensitive data from the available data. It is also a method used by cybersecurity teams to predict patterns, behavior, and vulnerabilities in a system.