Talk:Security information and event management


Wiki Education Foundation-supported course assignment


  This article was the subject of a Wiki Education Foundation-supported course assignment, between 17 May 2021 and 31 July 2021. Further details are available on the course page. Student editor(s): Jbuchanan 1. Peer reviewers: YuLinB.

Above undated message substituted from Template:Dashboard.wikiedu.org assignment by PrimeBOT (talk) 08:53, 17 January 2022 (UTC)

NPOV Check September 2012


It seems to me that the terminology, indeed the entire concept of SIEM, is contrived and biased toward specific vendors' products. This page reads like a bad marketing whitepaper, not a neutral article. SIEM should be no more than a note in a few other articles about the concepts of data storage and regular expressions. — Preceding unsigned comment added by 68.147.207.10 (talk) 15:09, 14 September 2012 (UTC)

While I agree that this is not a well-written article, I disagree that the entire concept of SIEM is contrived. SIEM is recognized as a distinct product category by, for example, Gartner. CassandraToday (talk) 14:12, 1 April 2013 (UTC)
The anonymous comment quoting Gartner as saying that SIEM is a contrived concept gives no source. Actually there is a Gartner report at [1] which addresses this in a different light. But regarding the original, similarly anonymous, complaint that SIEM is nothing but a note under "data storage and regular expressions", that is simply incorrect. SIEM is a significant effort to combine the collection of computer security information together with event management to facilitate analysis of security events and amelioration of them. — Preceding unsigned comment added by MosheHaven (talk · contribs) 15:23, 4 April 2013 (UTC)
Gartner's definition of SIEM: [2]. It is a useful term. — Preceding unsigned comment added by 193.145.201.52 (talk) 07:40, 20 May 2013 (UTC)
I've read enough marketing white papers to feel worthy to throw my two cents in. There are enough vendors in this field of SIEM and enough overlap of functions and features to warrant, in my opinion, this article being neutral. 76.125.240.29 (talk) 22:00, 15 July 2013 (UTC) JnC
I've removed the POV check - thanks for your insights! ★NealMcB★ (talk) 00:08, 17 December 2013 (UTC)

Significant Updates July 2021


I have attempted to provide background information on why SIEM solutions were formed from a regulatory and security control perspective. Additionally, I have tried to provide a base-level understanding of components through a logical diagram and corresponding realistic scenarios. Additionally, I have provided operating system logging relevant to the subject of SIEM and what analysts would actually look for. I am new to the insertion of anything 'brand' related, so I could not provide search syntax or screenshots from Splunk or Elastic bringing this article full circle. There are still outdated items on the page that need to be updated and appear to be residual from years ago. Please comment as necessary. Jbuchanan 1 (talk) 22:28, 28 July 2021 (UTC)

Security alert


Security alert is currently a redirect to this article. It might benefit from an explicit section. Tule-hog (talk) 02:14, 27 July 2024 (UTC)