event

An event is something which occurred in the history of a computer system at a particular time, whereby the state of the system was potentially changed.

In CAT Detect, events are represented in a simplified, normalised format:

**Event ID, Time, Subject, Object, Action, Result **

The Event ID is an unique integer identifier for the event.

The Time is a date/timestamp.

The Subject is the person, user, device, host, file or application which initiated the event.

The Object is the person, user, device, host, file or application which was the target of the event.

The Action describes the nature of the event - what the Subject did to the Object.

The Result is usually Success, Failure or Unknown depending on whether the action of the event was successful or not.