SIEM / LOG Correlation Service

SIEM is, in essence, log monitoring. A SIEM project is the management and analysis of logs covering all critical networks and devices in your system. It is defined as the analysis of the event records produced by the system according to predetermined rules. In SIEM projects, log management, which consists of steps such as the comprehensive collection, merging, storage and accurate analysis of the logs produced by the system, can reveal the indicators and evidence of an attack. One of these projects is called Log Management.

It should not be forgotten that SIEM systems are not log generators; they are components that collect logs, make sense of them and generate alarms. Most institutions think that just by installing a SIEM they will become aware of anomalies in the local network, whereas a SIEM is like a calculator: if you don't give it the correct numbers and operation, the result will not be what you expect.

How to Make a Successful SIEM Project?

Necessary Steps for SIEM Projects

Identification of Requirements, Scoping and Project Management

Every institution's need for logging differs according to its location and needs. For a successful log management and SIEM project, the scope and baseline needs must be determined first, and the project must then begin with the selection of products suited to these requirements.

The following main steps are carried out within the scope of this study:

Examination of known commercial and open source LOG/SIEM products, performing POC steps and reference checks.
Which log sources will be collected, in which order, and similar details should be decided at this stage, and the capacity and license status of the product to be purchased should be determined accordingly.
Preparation of a draft calendar for the log management and SIEM project.
After this step, the LOG and SIEM solution best suited to the institution's environment should be decided, the scope of the log project should be determined, and the work should be started.