Method, computer program element and a system for processing alarms triggered by a monitoring system

A method and system is designed for processing alarms, that have been triggered by a monitoring system such as an intrusion detection system, a firewall, or a network management system, comprising the steps of entering the triggered alarms into an alarm log, evaluating similarity between alarms, grouping similar alarms into alarm clusters, summarizing alarm clusters by means of generalized alarms, counting the covered alarms for each generalized alarm and forwarding generalized alarms for further processing if the number of alarms covered satisfies a predetermined criterion.

Web www.patentalert.com

< Systems and methods for processing input data before, during, and/or after an input focus change event

> Pen

~ 00468