- Welcome to Exabeam Security Content
- What is Security Content?
- Common Information Model
- What is the Common Information Model?
- Common Information Model Context Elements
- Common Information Model Interface
- Common Information Model Event-naming Format
- Common Information Model Impact on Downstream Processes
- Using the Common Information Model to Create Custom Content
- Transitioning to the Common Information Model
- Understanding the Log
- Exabeam Parsers
- Exabeam Event Building
- Exabeam Enrichment
- Exabeam Persistence and Templates
- Exabeam Models
- Exabeam Rules
PrevNext
Types of Models
Exabeam includes three types of models. Follow the links below for information and samples of each type of model.
Categorical – This type of model is used to train on values that are strings such as host or user names.
Numerical_Clustered – This type of model is used to train on numerical values such as the number of hosts that a user logs into during a session.
Numerical_Time_of_Week – This type of model is used to train on the time when events occur.