Director of Community at PeerSpot (formerly IT Central Station)
Community Manager
Oct 15, 2021
@Steffen Hornung thank you for your feedback!
One of the community goals is to make sure there is no "vendor-biased" content as our members trust this community. The Vendor label is one of the ways to be explicit about it. Another one is moderation (we've been constantly doing this).
If it is clear to you and, hopefully, to all other community members, we're achieving this goal. Thanks again for your contribution and this valuable feedback!
Personally, the way I have analyzed this depends on the requirements of the organization and the size of the logs to be analyzed. I have used the tools mentioned below for small and medium-sized enterprises. Also, I check for the minimum criteria mentioned below:
-Real-Time Monitoring and Alerting.
-User Activity Monitoring.
-Use Case Investigations.
-Threat Detection Across the Environment.
-Long-Term Event Storage.
-Scalability.
-Integrations.
-Reporting.
Tools:
-LogRhythm
-AlienVault USM
-Elasticsearch
-Splunk
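To make the first two criteria above concrete (real-time alerting and user activity monitoring), here is an added example that is not part of the thread and not the code of any of the listed products: a small streaming correlation rule of the kind every SIEM on the list lets you express, run over constructed sshd-style log lines. The log lines, the brute-force threshold (5 failures in 60 seconds) and the alert names are assumptions chosen for the illustration.

```python
"""Added example (not from the PeerSpot thread or any vendor): a minimal
correlation engine showing what "real-time alerting" and "user activity
monitoring" look like as detection logic over constructed sshd log lines."""
import re
from collections import defaultdict, deque
from datetime import datetime

# Constructed sample log lines (not real data), syslog-style sshd events.
SAMPLE_LOGS = """\
2024-11-02T10:00:01 host1 sshd[1001]: Failed password for alice from 203.0.113.5 port 51000 ssh2
2024-11-02T10:00:03 host1 sshd[1002]: Failed password for alice from 203.0.113.5 port 51001 ssh2
2024-11-02T10:00:04 host1 sshd[1003]: Failed password for invalid user admin from 203.0.113.5 port 51002 ssh2
2024-11-02T10:00:06 host1 sshd[1004]: Failed password for root from 203.0.113.5 port 51003 ssh2
2024-11-02T10:00:07 host1 sshd[1005]: Failed password for root from 203.0.113.5 port 51004 ssh2
2024-11-02T10:00:09 host1 sshd[1006]: Accepted password for root from 203.0.113.5 port 51005 ssh2
2024-11-02T10:05:00 host2 sshd[2001]: Accepted publickey for bob from 198.51.100.7 port 40000 ssh2
2024-11-02T11:30:00 host2 sshd[2002]: Failed password for bob from 198.51.100.7 port 40001 ssh2
"""

# Parser for the sshd "Accepted/Failed <method> for [invalid user] <user> from <ip>" format.
LINE_RE = re.compile(
    r"^(?P<ts>\S+) (?P<host>\S+) sshd\[\d+\]: "
    r"(?P<outcome>Accepted|Failed) (?P<method>\w+) for (?:invalid user )?(?P<user>\S+) "
    r"from (?P<src>\S+) port \d+"
)


def parse_line(line):
    """Return a dict of fields for a recognised line, or None for anything else."""
    m = LINE_RE.match(line)
    if not m:
        return None
    ev = m.groupdict()
    ev["ts"] = datetime.fromisoformat(ev["ts"])
    return ev


class BruteForceDetector:
    """Sliding-window rule (assumed thresholds): alert when one source IP produces
    >= threshold failed logins within window_seconds, and flag a success that
    follows such a burst, which is the event an analyst actually wants paged on."""

    def __init__(self, threshold=5, window_seconds=60):
        self.threshold = threshold
        self.window = window_seconds
        self.failures = defaultdict(deque)  # src ip -> deque of failure timestamps
        self.alerted = set()                 # sources already alerted on (dedup)

    def process(self, ev):
        alerts = []
        q = self.failures[ev["src"]]
        # Evict failures that fell out of the time window.
        while q and (ev["ts"] - q[0]).total_seconds() > self.window:
            q.popleft()
        if ev["outcome"] == "Failed":
            q.append(ev["ts"])
            if len(q) >= self.threshold and ev["src"] not in self.alerted:
                self.alerted.add(ev["src"])
                alerts.append(f"BRUTE_FORCE src={ev['src']} failures={len(q)} within {self.window}s")
        elif ev["outcome"] == "Accepted" and len(q) >= self.threshold:
            alerts.append(f"SUCCESS_AFTER_BRUTE_FORCE src={ev['src']} user={ev['user']} host={ev['host']}")
        return alerts


def user_activity(events):
    """User activity monitoring: per-user accepted/failed counts and distinct source IPs."""
    summary = defaultdict(lambda: {"accepted": 0, "failed": 0, "sources": set()})
    for ev in events:
        s = summary[ev["user"]]
        s["accepted" if ev["outcome"] == "Accepted" else "failed"] += 1
        s["sources"].add(ev["src"])
    return {u: {"accepted": v["accepted"], "failed": v["failed"], "sources": sorted(v["sources"])}
            for u, v in summary.items()}


def run(log_text):
    """Feed lines in arrival order, as a streaming SIEM pipeline would, and return
    (alerts, per-user activity summary)."""
    events = [e for e in (parse_line(l) for l in log_text.splitlines()) if e]
    detector = BruteForceDetector(threshold=5, window_seconds=60)
    alerts = []
    for ev in events:
        alerts.extend(detector.process(ev))
    return alerts, user_activity(events)


if __name__ == "__main__":
    alerts, activity = run(SAMPLE_LOGS)
    for a in alerts:
        print(a)
    for user, s in activity.items():
        print(user, s)
```

On the constructed input this raises one BRUTE_FORCE alert after the fifth failure from 203.0.113.5 and one SUCCESS_AFTER_BRUTE_FORCE alert when root then logs in from that address; bob's single failure hours later stays below the threshold. When evaluating the products on the list, the questions behind the "real-time" and "user activity" criteria are whether a rule like this can be expressed natively, how quickly it fires after the triggering event arrives, and whether the per-user view can be pivoted on without re-ingesting the data.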
ELK, Graylog, OSSIM and Apache Metron (or another Hadoop-like open implementation).
Hi @HimanshuTejwani, @Steffen Klein, @Balamurali Vellalath and @reviewer1467852. Please share your professional opinion with the community.
Thanks.