Unused Events in Event Processing Systems Quiz

Which nodes send the calculated incoming EPS to the central decision-making engine?

How are the unused events calculated?

What is the total incoming EPS from the three collectors in the example?

What is the total unused events in the example?

What is the EPS reservoir used for?

When does the process of building up the EPS reservoir start over for the next day?

What happens to the number of events that can be carried over to the next day at midnight?

What is the total number of allowed events for the next three-minute interval?

What is the bonus 10% buffer used for?

What is the final total number of allowed events for the next three-minute interval in the example?

Which component of FortiSIEM manages Windows and Linux agents?

What file contains information about the licensed, allowed, used, and unused (reservoir) values every three minutes?

What is the purpose of the EPS reservoir in FortiSIEM?

What are the features supported by the FortiSIEM Windows agent?

How are logs collected by the FortiSIEM Linux agent delivered to FortiSIEM?

What is the supervisor node responsible for in FortiSIEM?

What type of nodes are optional in a FortiSIEM deployment?

What functionality does the FortiSIEM Linux agent provide for file integrity monitoring (FIM)?

Where can you view the licensed, used, and unused values in FortiSIEM?

What is the purpose of the 10% buffer in the EPS calculation for the next three-minute interval?