Glossary

The glossary below contains many of the terms you will find in common use throughout the Symantec Security Response website. Please refer to this list to find definitions of terms and answers to other Internet security-related questions.

event filtering

The discarding of events according to a user-defined rule set.

Filtering events at the event collector reduces event traffic and storage by identifying and eliminating false positive, or otherwise unwanted, events.

Filtering events at the archive prevents the storage of unessential event data.

Filtering events at the correlation manager eliminates the correlation of events that need not be considered for incident creation purposes.

Filtering events at the event forwarder allows for selective event forwarding to another Information Manager for correlation or archiving purposes.