Monitoring Engine Sample Clauses

Monitoring Engine. The Monitoring Engine is the component of the Provider layer of the Monitoring Architecture responsible for filtering, aggregating and correlating events collected by the WISER Agents and for the generation of alarms based on a predefined set of correlation rules or security directives. Deliverable D4.1, Section 6 gives details about the internal operation of the Monitoring Engine. A summary can be found below: 1) The events are received by the Monitoring Engine in a standardized JSON format (see section 5.1.2) from the Rabbit MQ server. 2) The events received are pre-processed and filtered, in accordance to certain policies. A policy is a set of filtering conditions configured in the SIEM system included in the Monitoring Engine. This way, the number of correlation events arriving to the correlation engine is notably reduced. The data schema to use is also provided for this pre-processing step so as to know how the data are structured and need to be passed to the next correlation step. Since the architecture of the Monitoring Engine is designed to run in a distributed way using Apache Storm10, a different process will be in charge of each policy defined. In particular, a different policy associated to each organization defined in the Data Warehouse is initially configured. Each policy will filter the reports received from the monitored infrastructure based on the WISER agents defined in the Data Warehouse for a specific organization. In this way, the incoming traffic is split into separate data streams (one by organization) for its analysis and correlation. To these policies, included by default to provide multi-tenant support, the administrator can add more conditions such as filtering based on a set of the IP addresses in case only a subset of the events collected by the agent are relevant. 3) The events matching the filtering criteria are correlated by means of the Correlation Engine, which is the core of the Monitoring Engine. The Correlation Engine has preconfigured rules aiming at detecting patterns being fulfilled. These rules are defined in EPL (Event Processing Language), which is a SQL-like language. When the pattern is found, an alarm is generated accordingly. In the Storm topology defined for WISER, there is by default a different correlation process by each organization. As described in the previous step, each of these correlation processes only receives events coming from agents deployed in a specific organization, according to the policy an...
Sample 1
AutoNDA by SimpleDocs
Monitoring Engine. (ME) The monitoring engine runs in each router and aims at sampling and capturing packets at the interfaces of the router. It then exports them in the form of NetFlow records to the central collector. As depicted in Figure 1, one can observe four main modules: • Packet capturing: this module listens to the network interface and sample data at a given sampling rate. This sampling rate is configured each time by the Cognitive Engine (CE) next to the optimization it carries out after correlating measurements from all routers. • Classifier: Once a packet is sampled by the Packet capturing module, the classifier identifies flows by a key (in our case this key corresponds to the 5-tuple consisting of source and destination addresses, source and destination port numbers, and protocol number). The Classifier then determines if a flow is active or if it is a new flow. If the flow is active, it updates real-time statistics on that flow such as the number of packets and bytes. If it is a newly observed flow, it inserts a new flow record for this new packet’s key. The ME maintains the keys of flows forwarded by the router together with the collected statistics on those flows. A flow is declared terminated by the Classifier in one of three cases: (i) when observing a FIN or a RST packet (TCP control), (ii) when a timeout expires after the record for that flow was created, and finally (iii) when the number of records exceeds a given threshold in order to release memory. • Reporting: Once collected, flow records are exported using UDP messages to the central Unit (Cognitive Engine) through the CM (Cognitive-Monitoring) interface. • Controller: Based on the collected data and machine learning methods, the cognitive component takes a decision on how to tune the sampling rates and sends the decision back to the ME. The controller in each router receives the decision and updates the sampling rate in the ME accordingly.
Sample 1
Monitoring Engine. The Monitoring Engine (already introduced in D2.2, section 3.4.1) is the component on the Provider layer of the monitoring architecture responsible for the filtering, aggregation, correlation of the events collected by the WISER Agents and generation of alarms based on a predefined set of correlation rules or security directives.
Sample 1

Related to Monitoring Engine

  • Contract Monitoring The criminal background checks required by this rule shall be national in scope, and must be conducted at least once every three (3) years. Contractor shall make the criminal background checks required by Paragraph IV.G.1 available for inspection and copying by DRS personnel upon request of DRS.

  • Monitoring Services IDT staff shall, using methods that include face-to-face and other contacts with the member, monitor the services a member receives. This monitoring shall ensure that: a. The member receives the services and supports authorized, arranged for and coordinated by the IDT staff; b. The services and supports identified in the MCP as being provided by natural and community supports are being provided; and c. The quality of the services and supports received is adequate and still necessary to continue to meet the needs and preferences of the member and support the member’s outcomes identified in the MCP.

  • Monitoring System In each case in which the Custodian has exercised delegated authority to place Assets with a Foreign Custodian, the Custodian shall establish a system, to re-assess or re-evaluate selected Foreign Custodians, at least annually in accordance with Rule 17f-5(c)(3).

  • Program Monitoring and Evaluation The Recipient shall prepare, or cause to be prepared, and furnish to the Association not later than six months after the Closing Date, a report of such scope and in such detail as the Association shall reasonably request, on the execution of the Program, the performance by the Recipient and the Association of their respective obligations under the Legal Agreements and the accomplishment of the purposes of the Financing.”

  • Project Monitoring Reporting and Evaluation The Recipient shall furnish to the Association each Project Report not later than forty-five (45) days after the end of each calendar semester, covering the calendar semester.

  • Program Monitoring The Contractor will make all records and documents required under this Agreement as outlined here, in OEC Policies and NHECC Policies available to the SRO or its designee, the SR Fiscal Officer or their designee and the OEC. Scheduled monitoring visits will take place twice a year. The SRO and OEC reserve the right to make unannounced visits.

  • Quality control system (i) The Contractor shall establish a quality control mechanism to ensure compliance with the provisions of this Agreement (the “Quality Assurance Plan” or “QAP”). (ii) The Contractor shall, within 30 (thirty) days of the Appointed Date, submit to the Authority’s Engineer its Quality Assurance Plan which shall include the following: (a) organisation, duties and responsibilities, procedures, inspections and documentation; (b) quality control mechanism including sampling and testing of Materials, test frequencies, standards, acceptance criteria, testing facilities, reporting, recording and interpretation of test results, approvals, check list for site activities, and proforma for testing and calibration in accordance with the Specifications for Road and Bridge Works issued by MORTH, relevant IRC specifications and Good Industry Practice; and (c) internal quality audit system. The Authority’s Engineer shall convey its approval to the Contractor within a period of 21 (twenty-one) days of receipt of the QAP stating the modifications, if any, required, and the Contractor shall incorporate those in the QAP to the extent required for conforming with the provisions of this Clause 11.2. (iii) The Contractor shall procure all documents, apparatus and instruments, fuel, consumables, water, electricity, labour, Materials, samples, and qualified personnel as are necessary for examining and testing the Project Assets and workmanship in accordance with the Quality Assurance Plan. (iv) The cost of testing of Construction, Materials and workmanship under this Article 11 shall be borne by the Contractor.

  • Compliance Monitoring Grantee must be subject to compliance monitoring during the period of performance in which funds are Expended and up to three years following the closeout of all funds. In order to assure that the program can be adequately monitored, the following is required of Grantee: a. Grantee must maintain a financial tracking system provided by Florida Housing that ensures that CRF funds are Expended in accordance with the requirements in this Agreement. b. Grantee must maintain records on all awards to Eligible Persons or Households. These records must include, but are not limited to: i. Proof of income compliance (documentation from submission month, including but not limited to paystub, Florida unemployment statement, social security and/or disability statement, etc.); ii. Lease; and iii. Documentation of rental assistance payments made.

  • Maintenance Manual No later than 60 (sixty) days prior to the Project Completion Date, the Contractor shall, in consultation with the Authority’s Engineer, evolve a maintenance manual (the “Maintenance Manual”) for the regular and preventive maintenance of the Project Highway in conformity with the Specifications and Standards, safety requirements and Good Industry Practice, and shall provide 5 (five) copies thereof to the Authority’s Engineer. The Authority’s Engineer shall review the Maintenance Manual within 15 (fifteen) days of its receipt and communicate its comments to the Contractor for necessary modifications, if any.

  • Evaluation, Testing, and Monitoring 1. The System Agency may review, test, evaluate and monitor Grantee’s Products and services, as well as associated documentation and technical support for compliance with the Accessibility Standards. Review, testing, evaluation and monitoring may be conducted before and after the award of a contract. Testing and monitoring may include user acceptance testing. Neither the review, testing (including acceptance testing), evaluation or monitoring of any Product or service, nor the absence of review, testing, evaluation or monitoring, will result in a waiver of the State’s right to contest the Grantee’s assertion of compliance with the Accessibility Standards. 2. Grantee agrees to cooperate fully and provide the System Agency and its representatives timely access to Products, records, and other items and information needed to conduct such review, evaluation, testing, and monitoring.

Draft better contracts in just 5 minutes Get the weekly Law Insider newsletter packed with expert videos, webinars, ebooks, and more!