Hello, and welcome to the community!
The 'Result' category in the Real-Time Threat Analyzer is a string that determines what the end result of a particular attack was. In many cases you will see 'n/a' or 'inconclusive' or 'blocked'.
Here are the definitions of the two types of results, according to the Administration Guide:
Inconclusive: The result of the attack is not known. This is most likely due to a generic policy, such as the Default or All-Inclusive policy where the policy rules are not environment specific. For example, this may be the result if an attack occurs against an irrelevant node.
n/a: The alert was raised for suspicious, but not necessarily malicious, traffic. This result is common for Reconnaissance attacks due to the nature of port scanning and endpoint sweeping.
In conclusion -
The 'Inconclusive' result is used when the Network Security Manager is uncertain about whether or not an attack was successful (a Microsoft Outlook exploit on a Linux web server, for instance).
The 'n/a' result is used to display alerts that are more informational in nature (host sweeps, DoS attacks, credentials that are too long, potential bot detections, IRC traffic detected, etc.).
If you want to know more about the Real-Time Threat Analyzer, this is the guide I referred to:
Technical Support Engineer
McAfee. Part of Intel Security.