Understanding SIEM: Events, Alerts and Logs
I started blogging recently and finally got to discuss SIEM. Not being bound to a SIEM vendor this days I hope I will be able over the course of this and future posts to provide an objective overview of SIEM: what it is, what you can expect from it and what you can't and how SIEM has and will evolve.
You might find my initial post focusing on the basics, differentiating events, alerts and log and their use in a SIEM useful. Comments and responses most welcomed. Here it is on my blog.