The ability to aggregate and view top-performing or top-occurring events allows security teams to:
Malcolm (malcolm.fyi, CISA): A powerful, easily deployable network traffic analysis tool suite for network security monitoring.
For those looking to implement these tools, the official Malcolm documentation explains how to configure these specific data views (see "Field Aggregations" in the Malcolm documentation).