Online and offline classification of traces of event logs on the basis of security risks