Events, Incidents, and Correlation

With FIM, you receive real-time updates about anomalous activities that are detected. These updates are sent with complete granular details such as who-what-when-where, about the changes occurring within the scope of your monitored area. Events can be expected and authorized or unexpected and malicious. With alerts and notifications, you can make sure that nothing that is unauthorized goes unnoticed and eventually leads to a security hazard.

With the flexibility of creating correlation rules for grouping similar events together and for alerting authorized users upon an incident, you know that you are in control of security and integrity of your data. And that’s exactly what Qualys FIM does for you with the help of the ready-to-use queries for alert rules in its library. You can avail the easy-to-use, predefined set of queries in the Qualys FIM Library to create alert rules or correlation rules. The correlation rules can be used to group similar events of interest and then to receive notification for the same.

Reference Topics

Viewing Events

Track your Incidents

Rules Library

Configure correlation rules to auto create incidents

Configure rule-based alerts for events and incidents