An event Any traffic or data exchange detected by AT&T Cybersecurity products through a sensor or external devices such as a firewall. is a record of activity, which contains information and that resides in a log file. USM Anywhere collects, normalizes, and enriches logs with additional metadata Information about other associated data, used to help organize information, provide identification, support archiving of data, and other functions., which are called events.

After USM Anywhere is installed in your environment, events start flowing through your system, so you can start gaining visibility into the type of events that are occurring, what natural or non-threatening activity is taking place, and what activity can be a possible attack.

This topic discusses these subtopics: