About events processing rules

Events processing rules are checks that are run against event logs when they are collected. Based on the conditions configured in a rule, events processing rules help you:

The flowchart chart below illustrates the event processing stages performed by GFI EventsManager:

How Events Processing Rules work

Event classification

Event classificationThe categorization of events as Critical, High Medium, Low or Noise. is based on the configuration of the rules that are executed against the collected logs. Events that don’t satisfy any event classification conditions are tagged as unclassified. Unclassified eventsEvents that did not satisfy any of the event processing conditions configured in the event processing rules. may also be used to trigger the same alerts and actions available for classified events.

GFI EventsManager classifies events in the standard importance levels such as Critical, High, Medium, Low and NoiseRepeated log entries which report the same event. (unwanted or repeated log entries).