1.4 Terminologies

This section describes the terms used in this document.

Collectors: Collectors parse the data and deliver a richer event stream by injecting taxonomy, exploit detection, and business relevance into the data stream before events are correlated, analyzed, and sent to the database.

Connectors: Connectors use industry-standard methods to connect to the data source and get raw data.

Data Retention: The data retention policy defines how long events remain on the Sentinel Log Manager server before they are deleted.

Event Source Management: The Event Source Management (ESM) interface allows you to manage and monitor connections between Sentinel™ and its event sources by using Sentinel Connectors and Sentinel Collectors.

Events Per Second: Events per second (EPS) is a value that measures how fast a network generates data from its security devices and applications. It is also the rate at which Sentinel Log Manager can collect and store data from the security devices.

Integrator: Integrators are plug-ins that allow Sentinel systems to connect to other external systems. JavaScript actions can use Integrators to interact with other systems.

Raw Data: Raw data varies from Connector to Connector because of the format of the data stored on the device. The system processes one record of data at a time. The raw data contains information about the raw data message, the raw data (record) ID, the time the raw data was received (as stamped by the Collector Manager), the IDs of the event source, Connector, Collector, and Collector Manager node, and a SHA-256 hash of the raw data.