Event and log collection or data aggregation

Log collection, or aggregation, is the heart and soul of a SIEM solution. A SIEM should not be confused with syslog data, which is simply the raw log generated by a device; someone still has to read that log to find the root cause behind an alert. The idea is not only to collect log data, but to build a meaningful context from it. SIEM platforms collect event logs from thousands of sensors installed on many different devices, and these events provide the activity data required to analyze the security of our IT environment. To get a 360-degree view, we need to consolidate everything we collect onto a single platform so that patterns become visible. Aggregation is the process of transformation for ...
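As an added illustration (not code from the book), the following Python snippet shows what "creating context" from collected logs means in practice: raw syslog lines from two different sensor types are normalized into one event schema and then grouped by source address, so that activity no single device's log reveals on its own becomes a visible cross-device pattern. The log lines, host names, and addresses are constructed sample data.

```python
import re
from collections import defaultdict

# Constructed sample syslog lines from two sensor types (a firewall and sshd
# on two web servers); none of these values come from a real environment.
RAW_LOGS = [
    "Mar 10 10:01:02 fw01 kernel: DROP IN=eth0 SRC=198.51.100.7 DST=10.0.0.5 PROTO=TCP DPT=22",
    "Mar 10 10:01:05 web01 sshd[2211]: Failed password for root from 198.51.100.7 port 51234 ssh2",
    "Mar 10 10:01:09 web02 sshd[3120]: Failed password for admin from 198.51.100.7 port 51240 ssh2",
    "Mar 10 10:02:00 web01 sshd[2250]: Accepted publickey for deploy from 10.0.0.9 port 40000 ssh2",
]

# Classic BSD syslog header: "<month> <day> <time> <host> <message>"
SYSLOG_HEADER = re.compile(r"^(?P<ts>\w{3} +\d+ \d\d:\d\d:\d\d) (?P<host>\S+) (?P<msg>.*)$")
FW_DROP = re.compile(r"DROP .*SRC=(?P<ip>\S+) .*DPT=(?P<port>\d+)")
SSH_FAIL = re.compile(r"Failed password for (?P<user>\S+) from (?P<ip>\S+)")


def normalize(line):
    """Map one raw syslog line onto a common event schema; None if the header is unparsable."""
    m = SYSLOG_HEADER.match(line)
    if not m:
        return None
    ev = {"ts": m.group("ts"), "host": m.group("host"), "sensor": "other",
          "action": "other", "src_ip": None}
    msg = m.group("msg")
    if fw := FW_DROP.search(msg):
        ev.update(sensor="firewall", action="deny", src_ip=fw.group("ip"))
    elif ssh := SSH_FAIL.search(msg):
        ev.update(sensor="sshd", action="auth_fail", src_ip=ssh.group("ip"))
    return ev


def aggregate(lines):
    """Group normalized security-relevant events by source IP to build per-source context."""
    by_ip = defaultdict(lambda: {"sensors": set(), "hosts": set(), "events": 0})
    for line in lines:
        ev = normalize(line)
        if ev and ev["src_ip"] and ev["action"] in ("deny", "auth_fail"):
            ctx = by_ip[ev["src_ip"]]
            ctx["sensors"].add(ev["sensor"])
            ctx["hosts"].add(ev["host"])
            ctx["events"] += 1
    return by_ip


def suspicious_sources(lines, min_sensors=2):
    """Source IPs observed by at least `min_sensors` different sensor types: a cross-device pattern."""
    return sorted(ip for ip, ctx in aggregate(lines).items() if len(ctx["sensors"]) >= min_sensors)
```

Run on the sample above, only 198.51.100.7 is reported: it was dropped by the firewall and then failed SSH logins on two separate hosts, which is exactly the kind of correlation that a single device's syslog cannot show.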
