Data-centric monitoring of compliance of distributed applications

US10482265B2 · US · B2

Patent metadata
Publication number: US-10482265-B2
Application number: US-201514983873-A
Country: US
Kind code: B2
Filing date: Dec 30, 2015
Priority date: Dec 30, 2015
Publication date: Nov 19, 2019
Grant date: Nov 19, 2019

Abstract

Official abstract text for this publication.

Log(s) of IT events are accessed in a distributed system that includes a distributed application. The distributed system includes multiple data objects. The distributed application uses, processes, or otherwise accesses one or more of the data objects. The IT events concern the distributed application and concern accesses by the distributed application to the data object(s). The IT events are correlated with a selected set of the data objects. Risks are estimated to the selected set of data objects based on the information technology events. Estimating risks uses at least ranks of compliance rules as these rules apply to the data objects in the system, and vulnerability scores of systems corresponding to the set of data objects and information technology events. Information is output that allows a user to determine the estimated risks for the selected set of data objects. Techniques for determining ranks of compliance rules are also disclosed.

First claim

Opening claim text (preview).

What is claimed is:

1. A method comprising: monitoring a distributed application, by a computer system, using one or more logs of information technology events in a distributed system comprising the distributed application, wherein the distributed application is an application that is executed on multiple computers simultaneously within the distributed system, and wherein the monitoring comprises collecting information technology events by a plurality of components in the distributed application, wherein the distributed system comprises a plurality of data objects, and the distributed application uses, processes, or otherwise accesses one or more of the plurality of the data objects, and wherein the information technology events concern the distributed application and concern accesses by the distributed application to one or more of the data objects; correlating, by the computer system, the information technology events with a selected set of the plurality of data objects; estimating, by the computer system, risks to the selected set of data objects based on the information technology events, wherein estimating risks uses at least ranks of compliance rules as these rules apply to the data objects in the system and vulnerability scores of components of the distributed application corresponding to the set of data objects and information technology events, wherein the estimated risks include a breach of the compliance rules associated with the selected set of data objects, and wherein the compliance rules are defined by one or more regulations; and displaying, by the computer system, information allowing a user to determine the estimated risks for the selected set of data objects, wherein the information displayed by the computer system provides the user with an estimated risk of a breach of the regulatory compliance requirements, including user selectable representations of data objects used for data-centric monitoring of compliance applications, and comprising visual indications of the estimated risk for the selected set of data objects, wherein the displayed information allows the user to perform mitigation of the estimated risks for at least one of the selected set of data objects.

2. The method of claim 1, wherein the visual indications comprise a color code from a range of colors from a first color to a second color, and wherein displaying information further comprises displaying an indication of the color code for each data object in the selected set of data objects.

3. The method of claim 1, wherein displaying further comprises displaying, in response to the user selecting a representation of a selected one of the set of data objects, information for a detailed representation on a dashboard for the selected data object.

4. The method of claim 3, wherein the detailed representation comprises one or more of the following: details of information technology events associated with the selected data object during a selected duration; details of the risk, compliance rules and associated weights associated with the selected data object; or risks of a complete service and risks of components associated with the data object.

5. The method of claim 1, wherein: the method further comprises providing the user with an opportunity to select one or more of the following criteria: a specific time duration; a subset of the set of data objects; a set of systems or users; or a set of each of these entities related to one or more of the specific time duration, subset of data objects, or the set of systems or users; and displaying information further comprises displaying to the user of risks and information technology events associated with the selected criteria.

6. The method of claim 1, wherein: estimating risks comprises: aggregating at least two of the following risks to an aggregated value for one or more of the selected set of data objects: risk corresponding to each data object; risk corresponding to each anomalous event; risk corresponding to each compliance rule; or risk corresponding to each vulnerability of the system; and normalizing the aggregated value to a range of values; and displaying comprises displaying the aggregated value for the one or more of the selected set of data objects.

7. The method of claim 6, further comprising determining each vulnerability of the system using an attack graph for the distributed application.

8. The method of claim 6, wherein each risk is a weight of a corresponding entity.

9. The method of claim 6, wherein a risk used to determine the aggregated risk is determined by multiplication of weights for entities from multiple risks.

10. The method of claim 9, wherein a risk used to determine the aggregated risk is determined by, for a given data object, multiplying a size in bytes of the given data object with a weight of anomalous events associated with that given data object.

11. The method of claim 6, wherein the aggregated value is normalized to a range of values from zero to one hundred.

12. The method of claim 1, wherein estimating risks comprises computing risk based on one or more of the following: a size of a given data object; a weight assigned to the given data object; weights assigned to compliance rules; or weights assigned to anomalous events, wherein weights assigned to anomalous events are assigned with respect to weights of normal events.

13. The method of claim 1, further comprising determining the ranks of the compliance rules as follows: identifying dependencies between compliance rules; representing the dependencies as a graph having nodes and edges, wherein each node represents a compliance rule or a group of compliance rules, and wherein each edge is a directed edge from a first node to another node such that the first node is dependent on the other node; traversing the graph and computing rank of each node using one of a recurrence relation or dynamic programming; and outputting the rank of each node to be used for the displaying.

14. The method of claim 13, wherein computing rank using a recurrence relation comprises using a pagerank algorithm wherein a rank of each node Y depends on the rank of each other node X that has an edge to Y.

15. A computer system comprising one or more memories embodying computer-readable code; and one or more processors, wherein the computer system performs the following in response to execution by the one or more processors of the computer-readable code: monitoring a distributed application using one or more logs of information technology events in a distributed system comprising the distributed application, wherein the distributed application is an application that is executed on multiple computers simultaneously within the distributed system, and wherein the monitoring comprises collecting information technology events by a plurality of components in the distributed application, wherein the distributed system comprises a plurality of data objects, and the distributed application uses, processes, or otherwise accesses one or more of the plurality of the data objects, and wherein the information technology events concern the distributed application and concern accesses by the distributed application to one or more of the data objects; correlating the information technology events with a selected set of the plurality of data objects; estimating risks to the selected set of data objects based on the information technology events, wherein estimating risks uses at least ranks of compliance rules as these rules apply to the data objects in the system and vulnerability scores of components of
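
A minimal sketch of the rule ranking in claims 13 and 14 feeding the risk aggregation in claims 6 to 11, added here as an illustration and not code from the patent or its assignee. The damping factor, the exact product used to combine the weights, scaling against the highest-risk object, and all sample names and values are assumptions.

```python
def rule_ranks(deps, damping=0.85, iters=100):
    """PageRank over rule dependencies: deps[x] lists the rules x depends on
    (edge x -> y), so y's rank grows with the rank of every x pointing at it."""
    nodes = sorted(set(deps) | {y for ys in deps.values() for y in ys})
    n = len(nodes)
    rank = {node: 1.0 / n for node in nodes}
    for _ in range(iters):
        # Rules that depend on nothing spread their rank evenly (dangling nodes).
        dangling = sum(rank[x] for x in nodes if not deps.get(x))
        new = {node: (1 - damping) / n + damping * dangling / n for node in nodes}
        for x in nodes:
            for y in deps.get(x, ()):
                new[y] += damping * rank[x] / len(deps[x])
        rank = new
    return rank

def object_risks(objects, events, ranks):
    """Per-object risk as a product of weights, scaled so the top object is 100."""
    raw = {}
    for name, obj in objects.items():
        anomaly = sum(e["weight"] for e in events
                      if e["object"] == name and e["anomalous"])
        rule_weight = sum(ranks[r] for r in obj["rules"])
        raw[name] = obj["size_bytes"] * anomaly * rule_weight * obj["vuln_score"]
    top = max(raw.values()) or 1.0  # avoid dividing by zero when nothing is at risk
    return {name: round(100 * value / top, 1) for name, value in raw.items()}

# Constructed sample data (not from the patent); every weight is an assumption.
DEPS = {
    "access-control": [],
    "audit-logging": ["access-control"],
    "breach-notice": ["audit-logging", "access-control"],
}
OBJECTS = {
    "patients.db": {"size_bytes": 5_000_000, "vuln_score": 7.5,
                    "rules": ["access-control", "audit-logging"]},
    "billing.csv": {"size_bytes": 200_000, "vuln_score": 9.0,
                    "rules": ["audit-logging"]},
    "public-faq.html": {"size_bytes": 50_000, "vuln_score": 4.0, "rules": []},
}
EVENTS = [  # anomalous events are weighted relative to normal ones (weight 1.0)
    {"object": "patients.db", "anomalous": True, "weight": 3.0},
    {"object": "patients.db", "anomalous": False, "weight": 1.0},
    {"object": "billing.csv", "anomalous": True, "weight": 3.0},
    {"object": "public-faq.html", "anomalous": False, "weight": 1.0},
]

if __name__ == "__main__":
    print(object_risks(OBJECTS, EVENTS, rule_ranks(DEPS)))
```

The rule that other rules depend on most ("access-control" in the sample) receives the highest rank, so objects governed by it weigh more heavily in the 0 to 100 score.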

Assignees

Inventors

Classifications

  • Auditing as a secondary aspect · CPC title

  • in which an application is distributed across nodes in the network (software deployment G06F8/60; multiprogramming arrangements G06F9/46) · CPC title

  • Vulnerability analysis · CPC title

  • G06F21/604 (Primary) · Tools and structures for managing or administering access control systems · CPC title

  • Performance evaluation by statistical analysis · CPC title

Patent family

Related publications grouped by family.

External sources

Frequently asked questions

Answers are generated from the same data shown on this page.

Who is the assignee on this patent?
IBM
What technology area does this patent fall under?
Primary CPC classification G06F21/604. Mapped technology areas include Physics.
When was this patent published?
Publication date Nov 19, 2019 (B2). Legal status and post-grant events are not shown on this page.
What related patents are in patentsdb?
We list 8 related publications on this page (citations in our corpus or others sharing the same primary CPC).