Personally, the way I have analyzed is depending on the requirement of the organization and size of logs to be analyzed I have used the tools mentioned below for Small and medium-sized enterprises. Also, I do check for the below-mentioned minimum criteria:
-Real-Time Monitoring and Alerting. -User Activity Monitoring. -Use Case Investigations. -Threat Detection Across the Environment. -Long-Term Event Storage. -Scalability. -Integrations. -Reporting.
Director of Community at PeerSpot (formerly IT Central Station)
Real User
Oct 15, 2021
@Steffen Hornung thank you for your feedback!
One of the community goals is to make sure there is no "vendor-biased" content as our members trust this community. The Vendor label is one of the ways to be explicit about it. Another one is moderation (we've been constantly doing this).
If it is clear to you and, hopefully, to all other community members, we're achieving this goal. Thanks again for your contribution and this valuable feedback!
Find out what your peers are saying about Splunk, Wazuh, Microsoft and others in Security Information and Event Management (SIEM). Updated: March 2025.
Security Information and Event Management (SIEM) tools offer comprehensive visibility and management of an organization’s security events through real-time analysis and correlation of data from multiple sources.
SIEM solutions provide a centralized platform for managing security alerts and logs from various sources such as network devices, servers, and applications. They help identify and mitigate potential threats by analyzing event data for unusual patterns and correlations. These tools...
Personally, the way I have analyzed is depending on the requirement of the organization and size of logs to be analyzed I have used the tools mentioned below for Small and medium-sized enterprises. Also, I do check for the below-mentioned minimum criteria:
-Real-Time Monitoring and Alerting.
-User Activity Monitoring.
-Use Case Investigations.
-Threat Detection Across the Environment.
-Long-Term Event Storage.
-Scalability.
-Integrations.
-Reporting.
Tools:
-LogRhythm
-AlienVault USM
-Elasticsearch
-Splunk
@Steffen Hornung thank you for your feedback!
One of the community goals is to make sure there is no "vendor-biased" content as our members trust this community. The Vendor label is one of the ways to be explicit about it. Another one is moderation (we've been constantly doing this).
If it is clear to you and, hopefully, to all other community members, we're achieving this goal. Thanks again for your contribution and this valuable feedback!
ELK, graylog, OSSIM and Apache Metron (or another Hadoop-like open implementation).
Hi @HimanshuTejwani, @Steffen Klein, @Balamurali Vellalath and @reviewer1467852. Please share your professional opinion with the community.
Thanks.