A collection of awesome frameworks, libraries, learning tutorials, videos, webcasts, technical resources and cool stuff about Security Information and Event Management (SIEM). Thanks to all contributors, you're awesome and this wouldn't be possible without you! Our goal is to build a categorized, community-driven collection of very well-known resources.
- Security Information and Event Management (SIEM) is an approach to security management that combines SIM (Security Information Management) and SEM (Security Event Management) functions into one security management system. The acronym SIEM is pronounced "sim" with a silent e.
- Vendors
| Vendors | Solutions | Datasheet | Implementation Guide | Architecture Diagram |
|---|---|---|---|---|
| Cribl LogStream | Cribl LogStream delivers a cost-effective solution that optimizes your observability data collection. This purpose-built, vendor-neutral observability pipeline collects data from any source and delivers it to any destination, while transforming, enriching, shaping, and routing the data. | | | |
| Splunk Cloud | Splunk's integration into AWS Control Tower allows administrators to automatically configure and set up AWS services. Data from AWS CloudTrail, AWS Config, and other sources can be incorporated into your Splunk deployment using Kinesis Data Firehose and the Splunk HTTP Event Collector (HEC). With Splunk Cloud, you can automatically collect data from newly vended AWS accounts, with dashboards and alerts for compliance with AWS Control Tower guardrails. | | | |
| Sumo Logic | Sumo Logic Cloud-Native Machine Data Analytics pulls in critical operational data across services and accounts to give a unified view of AWS environments. Easily navigate from overview dashboards into account, region, availability zone, or service-specific views. Intuitive navigation across logs and metrics data ensures teams can quickly resolve issues, minimize downtime, and improve system availability. The Sumo Logic Continuous Intelligence Platform™ automates the collection, ingestion, and analysis of application, infrastructure, security, and IoT data to derive actionable insights. | | | |
| Logz.io | Logz.io AI-Powered ELK-as-a-Service is a cloud-native observability platform providing unified monitoring, troubleshooting, and security for distributed cloud environments. Intelligent log analytics help engineers and businesses resolve incidents faster and simplify cloud security. Logz.io's analytics and optimization tools help businesses reduce overall logging expenses and identify production and security incidents in real time. | | | |