Specifications   Search
CEE™ Common Event Expression: A Unified Event Language for Interoperability
CEE Website is in "Archive" status — read the announcement
 

About CEE

Documents

FAQs

CEE Language

Current Release

Previous Releases

CEE Community

CEE Board

Discussion Archive

News & Events

Calendar

Search the Site

CEE Language

Current Release

Specifications

Schemas

Downloads

Profiles

Versioning

Terminology

Implementations

Additional Information

Previous Releases

Terms of Use

Terminology — Archive 1.0-beta1

audit
the process of evaluating logs within an environment (e.g., within an electronic system). The typical goal of an audit is to assess the overall status or identify any notable or problematic activity.
category
see event category
event
a single occurrence within an environment, usually involving an attempted state change. An event usually includes a notion of time, the occurrence, and any details the explicitly pertain to the event or environment that may help explain or understand the event’s causes or effects.
event category
groups events based upon one or more event categorization methodologies. Example methodologies include organization based upon what happened during the event, the involved parties, device types impacted, etc.
event consumer
any tool that consumes event records. May be used interchangably with "log consumer"
event field
one characteristic of an event. Event fields are defined in the field dictionary portion of a CEE Profile and are used in event records. Examples of an event field include date, time, source IP, user identification, and host identification. An event field relates a name identifier with a single field value.
event producer
any tool that produces event records. May be used interchangably with "log producer"
event record
a describing of a single event. Generally, a record is an encoded collection of event fields that, together, describe the single event. Terms synonymous to event record include "audit record" and "log entry".
field
see event field
log (n)
a collection of event records. Terms such as "data log," "activity log," "audit log," "audit trail," "log file," and "event log" are often used to mean the same thing as log.
log (v)
the act of recording events into logs. Examples of logging include recording events into records a text log file, or storing the data in binary files or databases.
profile
a description of events, including event fields, event categories, and tags, that are generated by a product or relate to a specific capability (e.g., authentication or configuration management, firewall, signature detection, routing).
record (n)
see event record
record (v)
the act of saving the details of an event; recording an event as an event record.

BACK TO TOP

Page Last Updated: May 15, 2013