it:ad:Security Information and Event Management (SIEM) System
Summary
- A Security Information and Event Management (SIEM) system can be used to gather and analyse the data flows from multiple systems.
Notes
- SPLUNK
- SIEM:
  - Retention and Compliance
    - Log Retention
    - Regulatory Compliance
    - Archive
  - Dashboards
    - Interactive
    - Visualisation
    - Analytics
  - Reporting/Compliance
    - Built In Reporting
  - Alerting
    - If Alert then Action…
  - Aggregation/Correlation
    - Single System
    - Robust Search Tools
    - Correlation Engine
  - Log Integrity