• Support
  • Forums
  • Blogs

What can SIEM actually track?

jamesykljamesykl

Big Time
+8
Sorry for asking such question, but I just want to make sure what it can actually track on the workstation. The reason I asked this question is because my SIEM only shows the authentication event, other than that nothing else. So I was wondering can it track the usage pattern like the webpage I went to and etc? if yes, how do i configure it?

Thank you!

Share post:

Answers

  • edited June 2014
    @jykl
    You should look at ElasticSearch which allow you to digg in your log in great details.

    I just discover it yesterday but it seems to be so powerful.
  • Just watch the demo on youtube, it seems like a good tool to use. Thanks!
This discussion has been closed.