Blog , 14 Nov 2017

Understanding The AbuseHQ Data Structure

Tobias Knecht,

Founder and CEO, Abusix

Dealing with disparate data formats and structures affect productivity, network security, and thereby, customer retention?

AbuseHQ uses a data structure that always allows you to understand how an abuse report relates to different contracts, infrastructure, or campaigns. AbuseHQ gathers and normalizes data from all of your data sources, making it easy to understand, compare, and prioritize. AbuseHQ stops you from comparing apples to oranges.

See also: How AbuseHQ Integrates Your Network Security And Enhances Your Service Provider’s Infrastructure

AbuseHQ’s Simple Data Structure

AbuseHQ’s data display may contain up 4 layers, depending on how you choose to set up your instance. Each layer is assigned its own category and is dependent upon your own purpose and needs.

AbuseHQ Data Structure.png

Now, let’s look at each layer, to understand them better:

  • Event: The event layer is the lowest of the 4 layers. When AbuseHQ receives an abuse report it automatically extracts events and clusters these events in a case. Without events, there can’t be a case. This allows you to easily see how many events are associated with each case, helping you understand the threat.
  • Case: The second-lowest layer is a case. Cases organize all of the events that are extracted from an abuse report. Most of the work your agents will do will revolve around cases.
  • AbuseHQ will automatically create cases and attach related events allowing agents to see the full context and allowing them to resolve cases faster.
  • Contract (optional): As we move higher in the hierarchy, this is the clustering level for cases, within AbuseHQ. This layer allows you to organize cases associated with a specific customer resource (mta, web hosting, bandwidth, etc), contract (mobile, internet, etc), campaign, or any other sub-layer you can think of. This optional layer, simply adds an additional layer of organization, to help you perform a high-level analysis of the related case groups.
  • Subscriber: This is the highest layer of the AbuseHQ data structure, allowing you to group all cases related to a specific subscriber. This allows every case to be associated with subscribers making it easier for your agents to work through cases with historical context and faster.

To view more technical documentation on data structure, visit our Knowledge Base.

See also: Security Solutions To Network Abuse And Harassment: AbuseHQ

Clear structured, automated organization makes abuse data understandable and AbuseHQ easy to use

AbuseHQ organizes and stores your abuse reports in an efficient, easy to use data structure. This means, that no matter what type of abuse report you receive or the reporter that sends you the report, the event data displays uniformly in a simple structured format in AbuseHQ; useful to you and your team. AbuseHQ eliminates all confusion and saves time wasted today, trying to understand each abuse report or building your own parsers.

If you could benefit from a simpler approach to prioritizing, assigning, and resolving cases, then give AbuseHQ a try. From AbuseHQ’s clear data structure to its easy-to-understand visual interfaces, Abusix can make your department easier to manage, more efficient, and most importantly more effective. Get in touch with our team, to go through a demo or to arrange a trial.

Linkedin Icon Twitter Icon Facebook Icon E-mal Icon
Get in touch

Talk to us

Do you want to remove your IP/domain from one of our blocklists?
Please use our lookup-service and follow the instructions there in order to get that resolved.