Gartner Blog Network

Category: 'logging' Blog Posts


2018 Popular SIEM Starter Use Cases

by Anton Chuvakin  |  July 20, 2018

One of the most popular posts (example) on my blog is “Popular SIEM Starter Use Cases.” However, this post is from 2014, and is, in fact, partially based on my...


Is SIEM The Best Threat Detection Technology, Ever?

by Anton Chuvakin  |  August 7, 2017

That’d be a “NO” – those of my readers who are “anti-SIEM” can calm down now :–) Well…. let me explain and perhaps you will see that the answer evolves...


SIEM or Log Management?

by Anton Chuvakin  |  July 26, 2017

Welcome to 2002! Let’s discuss a timely topic … and, no, it’s not Y2K – that one is fortunately over. The topic is: SIEM vs log management. Yes, really! In...


Summer of SIEM 2017 Coming...

by Anton Chuvakin  |  July 11, 2017

Initially, I wanted to name this post “My SIEM Is Too Slow | My SIEM Is Too Dumb”, but then I decided to go for a milder version, because –...


PCI Council Log Monitoring Supplement

by Anton Chuvakin  |  August 3, 2016

As I was gracefully reminded, PCI Council has released a new (and MUCH needed) document, “Information Supplement: Effective Daily Log Monitoring.” A lot of research (example) reveals that Requirement 10...


SIEM/ DLP Add-on Brain?

by Anton Chuvakin  |  February 27, 2015

Initially I wanted to call this post “SIEM has no brains”, but then questioned such harshness towards the technology I’ve been continuously loving for 13 years :-) In any case,...


SIEM Webinar Questions - Answered

by Anton Chuvakin  |  April 14, 2014

Last year, I did this great SIEM webinar on “SIEM Architecture and Operational Processes” [free access to recording! No Gartner subscription required] and received a lot of excellent questions. This...


How to Use Threat Intelligence with Your SIEM?

by Anton Chuvakin  |  March 26, 2014

SIEM and Threat Intelligence (TI) feeds are a marriage made in heaven! Indeed, every SIEM user should send technical TI feeds into their SIEM tool. We touched on that subject...


Detailed SIEM Use Case Example

by Anton Chuvakin  |  September 24, 2013

During inquiries, I am handling a lot of questions about SIEM use cases, what they are, where to get them, how to create them, how to document them, evolve them,...


Our Log Standards Paper Publishes

by Anton Chuvakin  |  December 11, 2012

Recently I updated a paper originally written by Dan Blum called “Event and Log Information: A Strong Case for Standards” and it just got posted to the site: “A deficit...
