Business and other entities are increasingly interested in capturing data associated with their computer networks for information technology (IT) security, IT operations, compliance, and other reasons. Unfortunately, analyzing that data can be difficult, expensive, and ineffective. One reason is that the data is voluminous and generated at a rapid rate. Another reason is that an increasing number of types of devices emit log information in varying and new formats. As new types of data are to be captured and analyzed, significant work is typically required from expert contractors. And, even with a dedicated team of analysts, it can be very difficult, if not impossible, for such analysts to identify potentially important events in the vast quantity of data.