主权项 |
1. A computer-implemented method, comprising:
identifying, in an event log database, a plurality of event logs associated with an identifier and having corresponding timestamps that are within a specified time interval; grouping, by auditing software executed by one or more processors of a central server, the plurality of event logs based at least in part on one or more criteria to create one or more groups of events; determining, by the auditing software, a first session based on a group of events from the one or more groups of events, the group of events starting with a specified type of event; and displaying the first session as a first timeline of events, the first session associated with a first network element. |