An information handling system includes an input and a processor. The processor receives a sequence of events, detects a first event within the sequence of events, determines a first state of a Markov model associated with the first event, detects a second event within the sequence of events, determines a second state of the Markov model associated with the second event, detects a state transition from the first state to the second state in the Markov model, determines a partial match of the sequence of events to a kill sequence of events in response to the state transition from the first state to the second state in the Markov model, and logs all events that occurred in the information handling system in between the first event and the second event.
展开▼
