<?xml version="1.0" encoding="utf-8" standalone="yes"?><rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom"><channel><title>Alert Data on Bill Brown:Thoughts and Reference Material Online</title><link>https://www.billbrown.info/tags/alert-data/</link><description>Recent content in Alert Data on Bill Brown:Thoughts and Reference Material Online</description><generator>Hugo -- gohugo.io</generator><language>en</language><copyright>BillBrown.info</copyright><lastBuildDate>Thu, 04 Jun 2026 00:00:00 +0000</lastBuildDate><atom:link href="https://www.billbrown.info/tags/alert-data/index.xml" rel="self" type="application/rss+xml"/><item><title>Alert Data and NSM Tools for Intrusion Detection</title><link>https://www.billbrown.info/post/alert-data-and-nsm-tools-for-intrusion-detection/</link><pubDate>Thu, 04 Jun 2026 00:00:00 +0000</pubDate><guid>https://www.billbrown.info/post/alert-data-and-nsm-tools-for-intrusion-detection/</guid><description>
&lt;!-- SOURCE: ISSC642/forum4/forum_post_4.docx --&gt;
&lt;h2 id="alert-data-and-nsm-tools-for-intrusion-detection"&gt;Alert Data and NSM Tools for Intrusion Detection&lt;/h2&gt;
&lt;p&gt;The types of Network Security Monitoring (NSM) data that have been previously discussed are full content data (FCD), session data, and statistical data. The purpose of NSM-specific data is to support decisions based on views of network traffic. An NSM tool helps the analyst(s) determine whether an identified event is nonthreatening, suspicious, or malicious. Once the event is identified, it leads the analyst to the next action. NSM tools, as described by Bejtlich (2013), assist analysts in three ways. The first is to make it easy for them to review many types of NSM data in a single interface. The second, as Bejtlich (2013) describes, is to enable the analyst(s) to pivot from one type of data to another. The third and last is that the NSM tool captures the outcome of the analyst(s)' decision-making process. The use of NSM tools allows one or many analysts to complete a shared objective. Examples of data collection tools are Tcpdump, Snort, Cisco NetFlow and Cisco Account, as Bejtlich (2004) points out.&lt;/p&gt;</description></item></channel></rss>