| 摘要 |
PROBLEM TO BE SOLVED: To enable efficient inspection by monitoring communication on a network and narrowing down an inspection object.SOLUTION: An information analysis system comprises: a detection unit 220 that adds common information based on a preset rule to analysis object information, such as a communication log, generated by an event that generates analysis object information, such as communication, uniforms information granularity on the basis of the contents of the analysis object information and the common information, and makes an event; and an analysis unit 230 that integrates the event on the basis of a preset rule to make it a detection event candidate, and determines whether the event generating analysis object information identified by the detection event candidate is a problematic event or not. |
