Event Decision Trace
Detailed Event Analysis & AI Explainability
Event Details
Event ID: evt_a1b2c3d4e5f6
Timestamp: 2025-12-04 14:32:18
Source: firewall-palo-01
Type: network_connection
Source IP: 185.220.101.45
Dest IP: 10.0.1.25
{"src_ip":"185.220.101.45","dst_ip":"10.0.1.25","dst_port":443,"proto":"TCP","action":"allow"}
Final Decision
SIEM (High Priority Alert)
Performance KPIs
Explainability: 98%
AI Consensus: 91%
Normalization: 100%
Noise Score: 12%
Total Latency: 32ms
Rules Triggered: 3
Processing Pipeline
✓ Raw Event (0ms) → ✓ Normalization (4ms) → ✓ Enrichment (15ms) → ✓ AI Classification (8ms) → ✓ Routing (2ms)
Rules & AI Voting
Rules Triggered
Rule Name | Type | Result
TOR Exit Node Detection | Detection | Match
GDPR Data Classification | Compliance | Match
Critical Asset Access | Routing | Match
AI Model Votes
Model | Vote | Confidence
SecurityBERT | SIEM | 96%
ThreatClassifier | SIEM | 91%
CostOptimizer | DATA_LAKE | 72%
Enrichment Data
IP Reputation
Score: 15/100
Category: TOR Exit Node
Source: AbuseIPDB
GeoIP
Country: Germany
City: Frankfurt
ASN: AS24940
Threat Feeds
AlienVault OTX: HIT
Emerging Threats: HIT
Spamhaus: CLEAN