This section describes the terminology used in this document.
A utility that parses the data and delivers a richer event stream by injecting taxonomy, exploit detection, and business relevance into the data stream before events are correlated, analyzed, and sent to the database.
A utility that uses industry standard methods to connect to the data source to get raw data.
A policy that defines the duration for which the events remain before they are deleted from the Sentinel Log Manager server.
The application or system that logs the event.
Event Source Management
ESM. The interface that allows you to manage and monitor connections between Sentinel and its event sources by using Sentinel Connectors and Sentinel Collectors.
Events Per Second
EPS. A value that measures how fast a network generates data from its security devices and applications. It is also the rate at which Sentinel Log Manager can collect and store data from the security devices.
The unprocessed events that are received by the connector and sent directly to the Sentinel Log Manager message bus and then written to the disk on the Sentinel Log Manager server. Raw data varies from Connector to Connector because of the format of the data stored on the device.