LogAnalysis
[logs] too many false alarms Jan 24 2008 11:04PM
Jon Stearley (jrstear sandia gov) (3 replies)
what false alarm rate do you tolerate for your current monitoring
system? is 1 false alarm in 4 ok? 1 in 10? 1 in 100?

a related question is: what false alarm rate must anomaly detection
systems achieve to be useful?

i know this is person/site/situation/etc specific, and welcome any
ballpark figures or experiences. thanks.

-jon stearley

_______________________________________________
LogAnalysis mailing list
LogAnalysis (at) loganalysis (dot) org [email concealed]
http://www.loganalysis.org/mailman/listinfo/loganalysis

[ reply ]
Re: [logs] too many false alarms Jan 25 2008 01:54AM
Ron Gula (rgula tenablesecurity com) (1 replies)
Re: [logs] too many false alarms Jan 25 2008 11:36AM
Andrew Hay (andrewsmhay gmail com) (2 replies)
Re: [logs] too many false alarms Jan 29 2008 04:41AM
Mordechai T. Abzug (morty frakir org)
Re: [logs] too many false alarms Jan 25 2008 07:35PM
Stefano Zanero (zanero elet polimi it)
Re: [logs] too many false alarms Jan 25 2008 12:46AM
Bennett Todd (bet rahul net)
Re: [logs] too many false alarms Jan 25 2008 12:34AM
Marcus J. Ranum (mjr ranum com) (2 replies)
Re: [logs] too many false alarms Jan 25 2008 07:35PM
Stefano Zanero (zanero elet polimi it)
Re: [logs] too many false alarms Jan 25 2008 01:08PM
Greg Dotoli (gldotoli yahoo com)


 

Privacy Statement
Copyright 2010, SecurityFocus