com.mozilla.secops

Class SourceCorrelation

java.lang.Object

com.mozilla.secops.SourceCorrelation

public class SourceCorrelation
extends Object

Source address ingestion and alert correlation

Correlates observed source addresses extracted from normalized event field with source addresses that are associated with alerts.

Nested Class Summary

Nested Classes

Modifier and Type	Class and Description
static class	SourceCorrelation.AlertSourceExtractor Convert Alert to SourceCorrelation.SourceData
static class	SourceCorrelation.EventSourceExtractor Convert Event to SourceCorrelation.SourceData
static class	SourceCorrelation.SourceCorrelator Transform for source address alert and ingestion correlation
static class	SourceCorrelation.SourceData SourceData is an intermediate format used to store information about a given source address observed in the ingestion or alert stream.

Constructor Summary

Constructors

Constructor and Description
SourceCorrelation()

Method Summary

Methods inherited from class java.lang.Object

equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

SourceCorrelation

public SourceCorrelation()