Type-dependent event deduplication

What is claimed is: 1. A computer-implementable method for deduplicating events, comprising: receiving a stream of events, the stream of events comprising a plurality of events, each event of the plurality of events having an associated event type; determining an event type of the plurality of events, the event type corresponding to a particular class of events, the event type being determined by a presence of certain features that have been previously associated with the event type, each certain feature referring to a property, characteristic or attribute of an associated event type; parsing the plurality of events based upon the associated event type, the parsing providing a plurality of parsed events; performing a type-dependent event deduplication operation on the plurality of parsed events to provide a set of deduplicated events, the type-dependent event deduplication operation deduplicating events based upon the event type; enriching data associated with the set of deduplicated events; analyzing the set of deduplicated events, the analyzing using the enriched data associated with the set of deduplicated events; and, performing a security operation, the security operation assessing a risk of a particular entity based upon the analyzing the set of deduplicated events. 2. The method of claim 1 , further comprising: performing a type classification operation on each event of the plurality of events, the type classification operation classifying each event based upon a feature, the feature referring to a property, characteristic or attribute of an associated event, the feature comprising data associated with an entity behavior factor. 3. The method of claim 2 , wherein: the feature is used to determine an equivalence of two events of a same type; and, the type-dependent event deduplication operation deduplicates the two events of the same type. 4. The method of claim 3 , wherein: the feature comprises time information; and, the type-dependent event deduplication operation deduplicates different event types using different granularities to the time information. 5. The method of claim 1 , further comprising: extracting pertinent event data segments to provide extracted event data segments; and, concatenating the extracted event data segments. 6. The method of claim 1 , further comprising: performing a hash function on the plurality of parsed events, the hash function generating a hash value for each of the plurality of events; comparing a first hash value of a first event to a second hash value of a second event; and identifying the first event and the second event as duplicates when the first hash value matches the second hash value. 7. A system comprising: a processor; a data bus coupled to the processor; and a non-transitory, computer-readable storage medium embodying computer program code, the non-transitory, computer-readable storage medium being coupled to the data bus, the computer program code interacting with a plurality of computer operations and comprising instructions executable by the processor and configured for: receiving a stream of events, the stream of events comprising a plurality of events, each event of the plurality of events having an associated event type; determining an event type of the plurality of events, the event type corresponding to a particular class of events, the event type being determined by a presence of certain features that have been previously associated with the event type, each certain feature referring to a property, characteristic or attribute of an associated event type; parsing the plurality of events based upon the associated event type, the parsing providing a plurality of parsed events; performing a type-dependent event deduplication operation on the plurality of parsed events to provide a set of deduplicated events, the type-dependent event deduplication operation deduplicating events based upon the event type; enriching data associated with the set of deduplicated events; analyzing the set of deduplicated events analyzing the set of deduplicated events, the analyzing using the enriched data associated with the set of deduplicated events; and, performing a security operation, the security operation assessing a risk of a particular entity based upon the analyzing the set of deduplicated events. 8. The system of claim 7 , wherein the instructions executable by the processor are further configured for: performing a type classification operation on each event of the plurality of events, the type classification operation classifying each event based upon a feature, the feature referring to a property, characteristic or attribute of an associated event, the feature comprising data associated with an entity behavior factor. 9. The system of claim 8 , wherein: the feature is used to determine an equivalence of two events of a same type; and, the type-dependent event deduplication operation deduplicates the two events of the same type. 10. The system of claim 9 , wherein: the feature comprises time information; and, the type-dependent event deduplication operation deduplicates different event types using different granularities to the time information. 11. The system of claim 7 , wherein the instructions executable by the processor are further configured for: extracting pertinent event data segments to provide extracted event data segments; and, concatenating the extracted event data segments. 12. The system of claim 7 , wherein the instructions executable by the processor are further configured for: performing a hash function on the plurality of parsed events, the hash function generating a hash value for each of the plurality of events; comparing a first hash value of a first event to a second hash value of a second event; and identifying the first event and the second event as duplicates when the first hash value matches the second hash value. 13. A non-transitory, computer-readable storage medium embodying computer program code, the computer program code comprising computer executable instructions configured for: receiving a stream of events, the stream of events comprising a plurality of events, each event of the plurality of events having an associated event type; determining an event type of the plurality of events, the event type corresponding to a particular class of events, the event type being determined by a presence of certain features that have been previously associated with the event type, each certain feature referring to a property, characteristic or attribute of an associated event type; parsing the plurality of events based upon the associated event type, the parsing providing a plurality of parsed events; performing a type-dependent event deduplication operation on the plurality of parsed events to provide a set of deduplicated events, the type-dependent event deduplication operation deduplicating events based upon the event type; enriching data associated with the set of deduplicated events; analyzing the set of deduplicated events, the analyzing using the enriched data associated with the set of deduplicated events; and, performing a security operation, the security operation assessing a risk of a particular entity based upon the analyzing the set of deduplicated events. 14. The non-transitory, computer-readable storage medium of claim 13 , wherein the computer executable instructions are further configured for: performing a type classification operation on each event of the plurality of events, the type classification operation classifying each event based upon a feature, the feature referring to a prope