Interpreting the cluster graph
Last updated
Last updated
The summary of the log events for risk analysis is represented in a bubble graph.
From the ISD application dashboard, Click "Continuous Verification" --> Click "Verification" and then click "Application Name". This will take you to the available policy list.
After selecting the application name, it will take you to the below screen and click on the "Graph View" as shown below:
The x-axis represents the sequence number of events and the y-axis is the logical representation of the number of times the events are repeated within the cluster.
Mouse over the bubbles to display repetition count of event along with the starting event string.
Impact on score calculation for a cluster:
W = weight assigned for the cluster topic at a given sensitivity level
L1 = No of unique clusters in V1
L12 = No of unique clusters in V1V2
C = Total number of all dark red, red and yellow clusters in both V2 and V1V2
N=(L1*10) / (L1+L12)
Impact on score for a cluster= (W/(L1+L12))+(N/C)+ Score reduced based on number of repetitions
Score reduction is calculated for only non green clusters in V2 and V1V2.