Patent attributes
A method for controlling transmission of security audit logs based on a model, a method for controlling transmission of log data based on a model, and a logging system. One embodiment may comprise receiving transmitted log information from a plurality of nodes, applying a rule-based algorithm to the transmitted log information to categorize a first batch of data as included in a security analysis, a second batch of data as excluded from the security analysis, and a third batch of data as actually reviewed in the security analysis based on a user selection, training a classifier based on outcomes of the rule-based algorithm, converting the classifier to run as a trained model executable on the plurality of nodes, and transmitting the trained model executable to the plurality of nodes.
