2.0 How Sentinel Works

Gathers logs, events, and security information from the various sources in your IT environment.

Normalizes the collected logs, events, and security information into a a standard Sentinel format.

Stores events in a file-based data storage or Hadoop-based scalable storage with flexible, customizable data retention policies.

Collects IP Flow data and helps you monitor network activities in detail.

Provides the ability to hierarchically link multiple Sentinel systems, including Sentinel Log Manager.

Allows you to search for events on your local Sentinel server, and also on other Sentinel servers distributed across the globe.

Performs a statistical analysis that allows you to define a baseline and then compares it to what is occurring, to determine if there are unseen problems.

Correlates a set of similar or comparable events in a specific duration to determine a pattern.

Organizes events into incidents for efficient response management and tracking.

Provides reports based on real time and historical events.