CPC G06Q 20/4016 (2013.01) [G06Q 20/405 (2013.01); H04L 63/1433 (2013.01)] | 20 Claims |
1. A computer-implemented method, comprising:
identifying a first risk definition and a second risk definition, wherein the first risk definition defines a first set of operations on first machine data reflecting activity in an information technology (IT) environment and the second risk definition defines a second set of operations on second machine data reflecting activity in the IT environment;
determining a relationship between the first risk definition and the second risk definition;
processing the first machine data and the second machine data based on the relationship between the first risk definition and the second risk definition and one or more characteristics associated with the first risk definition or the second risk definition; and
performing one or more risk analysis operations based on a result of processing the first machine data and the second machine data.
|