Event Mapping Technology

Logsign Unified SecOps Platform allows you to do an advanced categorizing in the column names. For each event, Logsign Unified SecOps Platform creates new columns as EventMap for categorizing.

 

As an example, let's search the successful logins.

 

Type Event.VendorID:4624 in Search tab to see the successful login processes on windows servers. Logsign Unified SecOps Platform opens map columns and classifies this event as User Successful Login.

38.png

 

Let's search the successful logins using Map columns this time. Through Map columns, you are able to see the successful login events not only on windows but also on all integrated resources.

 

This feature allows you to search different events easily and quickly with a single column architecture.

39.png

Was this article helpful?
0 out of 0 found this helpful

Articles in this section

Become a Certified Logsign User/Administrator
Sign-up for Logsign Academy and take the courses to learn about Logsign USO Platform in detail. Enjoy the courses, and get your badges and certificates. In these courses, you'll learn how to use Logsign in your work and add value to your career.
Visit Our Blog
Our Logsign USO Platform illustrate our expertise. So do the blog. Through our blog posts, deepen your knowledge on various SecOps topics or get updated about important news & modern approaches for cybersecurity. Get into the habit of reading valuable information provided by Logsign. Be a step ahead.