Alert Logic Machine Learning Log Review capabilities and coverage have been extended to 100% of log review activity, and several new anomaly detection and log types have been added to coverage.
Note: Log Review incident details can be found within the Alert Logic console at > Respond > Incidents > Filter: Detection Source > Log Review > Open > Evidence. Access the Monthly Log Review Details Report at > Reports > Threats > Log Review Analysis: View > Monthly Log Review Details.
New Anomaly Detection and Log Types
Alert Logic has extended Machine Learning Log Review coverage for Amazon Web Services (AWS), databases, and network-relevant logs. New anomaly detection and log types include:
- Anomaly Detection
  - AWS EC2 Large Instance Changes
- Pattern Matching / Rule-Based Detection
  - AWS Console Login Without Multi-Factor Authentication
  - AWS IAM Policy Changes
  - AWS Root Network Access Control List Changes
  - AWS Network Access Control List Changes
  - AWS Root Network Gateway Changes
  - AWS Network Gateway Changes
  - AWS Security Group Configuration Changes
  - Microsoft Active Directory Global Catalog Changes
Additional Resources
For more information on Machine Learning Log Review, see the following documentation and knowledge base resources: