ESA Config: Event Stream Analysis (ESA) Overview

Document created by RSA Information Design and Development on Jul 27, 2016Last modified by RSA Information Design and Development on Jul 27, 2016
Version 2Show Document
  • View in full screen mode

After ESA is installed in your network, configuration is required to set up the service in Security Analytics.

The Security Analytics Event Stream Analysis (ESA) service provides advanced stream analytics such as correlation and complex event processing at high throughputs and low latency. It is capable of processing large volumes of disparate event data from Concentrators.

ESA's advanced Event Processing Language allows you to express filtering, aggregation, joins, pattern recognition and correlation across multiple disparate event streams. Event Stream Analysis helps to perform powerful incident detection and alerting.

The following figure shows the architecture of Event Stream Analysis.


You are here: Event Stream Analysis (ESA) Overview