Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1157
Views
0
Helpful
1
Replies

what database is used in stealthwatch?

ehsan.emad
Level 1
Level 1

‎01-29-2018 12:21 AM

what type of database is used in stealthwatch?

can we have explain about how stealthwatch can learn or analyze?  I mean the way of learning

Labels:
0 Helpful
1 Reply 1

brford
Cisco Employee
Cisco Employee

‎02-14-2018 06:35 AM

Sure Ehsan,

Stealthwatch actually uses several different databases tools but the one you are probably most interested in is our analytics database: which uses HP Vertica.

Put very simply; Stealthwatch uses unsupervised machine learning to creates models of what is 'normal' for the network.  When a host deviates from 'normal' it accumulates points; based in part on the amount of deviation.  Points can also be assigned based on defined negative or bad activities.  When a hosts point score reaches a certain point an alarm is raised.

I hope this helps.

Brian

Brian Ford | brford@cisco.com | brford@yahoo.com | 51 75 61 6c 69 74 79 20 6d 65 61 6e 73 20 64 6f 69 6e 67 20 69 74 20 72 69 67 68 74 20 77 68 65 6e 20 6e 6f 20 6f 6e 65 20 69 73 20 6c 6f 6f 6b 69 6e 67 2e | Email me when you figure this out.
0 Helpful
Customers Also Viewed These Support Documents