Sentinel allows you to monitor and manage a variety of functions. Some of the main functions include:
Real-time views of large streams of events
Reporting capabilities based on real-time and historical events
Managing users and what they are able to see and do by permission assignment
Managing access to events for different users
Organizing events into incidents for efficient response management and tracking
Detecting patterns in events and streams of events
An intuitive and flexible rule-based language for correlation
Rules compiled for high performance
Scalable, multi-threaded, distributable, and extensible architecture
Sentinel processes communicate with each other through a message-oriented middleware (MOM).