In projects where classification is active, the classification movements are recorded. Classification Logs can be written to database databases or CSV files or in CEF format. Logs can be analyzed with any SIEM tool. You can also use the GEODI analysis panel for the database.
...
Object ID | Unique ID |
|---|---|
Log Time | time of transaction |
Log User | user who doing the classification |
Log App | GEODI |
Log App Ver | GEODI Version |
Log Module | DLPClassifier |
Log Security Level | https veya http |
Log Level | medium |
...
GEODI Log Analysis Dashboard
GEODI can analyze the logs written on the database in GEODI and examine the classes given depending on time.For this analysis, after installing a database via dashboards. There is a ready module to do this for Classifier Logs. Install the "Classification Log Analysis" module in GEODI, you can visually examine the classification logs on the panel in the project after selecting the draft project on the new project creation screen and connecting to the database.
Default class rules are valid in the dictionary used in the panel. When changes are made to the default class rules, the dictionary must also be changed.
...
and create a new project using the template. The ready dashboard will give you insight into class distributions, trends, and more.
There is a dictionary of classes for the analysis; you must update the dictionary in case you add new classes.
