Audit Reduction Tools

Audit Reduction Tools definition in Computer Security terms:

Acronym(s): None

Definition(s): Preprocessors designed to reduce the volume of audit records to facilitate manual review. Before a security review, these tools can remove many audit records known to have little security significance.
Source(s): CNSSI 4009-2015 (NIST SP 800-12)

Preprocessors designed to reduce the volume of audit records to facilitate manual review. Before a security review, these tools can remove many audit records known to have little security significance. (This alone may cut in half the number of records in the audit trail.) These tools generally remove records generated by specified classes of events, such as records generated by nightly backups might be removed.
Source(s): NIST SP 800-12

Preprocessors designed to reduce the volume of audit records to facilitate manual review. Before a security review, these tools can remove many audit records known to have little security significance. These tools generally remove records generated by specified classes of events, such as records generated by nightly backups.
Source(s): NIST SP 800-53 Rev. 4 (CNSSI 4009)

Synonym(s): None

 

reference: CSRC Glossary