Previous Topic: Ideal Models List

Next Topic: Event Categories List

Event Categories

The second step to normalizing event information in CEG is to determine the category the expressed event information best fits. By providing a field for categorizing the expressed event information the CEG supports cross-product reporting for broad categories of events. The CEG field used for this step in normalization is event_category field. It also provides an easy reference point for setting filters to show specific information for compliance reporting.

Some examples of event_category are:

For example, all failed and successful logins are recorded with the same value, System Access, in the field event_category.