SIEM Components
1: Collection:
Collect and parse data from various sources such as logs, network devices, endpoints, and security tools.
2: Normalization:
Translate data into a common format and enrich it with additional contextual information.
3: Correlation:
Recognize and group related events to provide a clear picture of security activity.
4: Alerting:
Create and send real-time alerts of potential security incidents to security teams for review.
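
The four stages above, run end to end as a minimal pipeline. This is an added example, not code from the original page: the log lines, the asset table, the field names and the failures-then-success rule are all constructed for illustration.

```python
import json
import re
from datetime import datetime, timedelta

RAW_EVENTS = [  # constructed sample input: sshd syslog lines and JSON gateway records
    "2024-05-01T10:00:01Z db01 sshd[411]: Failed password for root from 203.0.113.7 port 50122 ssh2",
    "2024-05-01T10:00:09Z db01 sshd[411]: Failed password for root from 203.0.113.7 port 50130 ssh2",
    '{"time": "2024-05-01T10:00:15Z", "device": "vpn01", "client": "203.0.113.7", "account": "root", "result": "deny"}',
    "2024-05-01T10:01:30Z db01 sshd[411]: Accepted password for root from 203.0.113.7 port 50141 ssh2",
    '{"time": "2024-05-01T10:02:00Z", "device": "vpn01", "client": "198.51.100.4", "account": "alice", "result": "allow"}',
]
ASSETS = {"db01": "high", "vpn01": "medium"}  # hypothetical enrichment table: host -> criticality
SSHD = re.compile(r"^(\S+) (\S+) sshd\[\d+\]: (Failed|Accepted) password for (?:invalid user )?(\S+) from (\S+)")

def collect(raw):
    """Collection: parse one source-native record into (ts, host, ok, user, src_ip)."""
    if raw.startswith("{"):
        j = json.loads(raw)
        return j["time"], j["device"], j["result"] == "allow", j["account"], j["client"]
    m = SSHD.match(raw)
    return m and (m[1], m[2], m[3] == "Accepted", m[4], m[5])  # None if the line is not recognised

def normalize(fields):
    """Normalization: map every source onto one schema and enrich with asset context."""
    ts, host, ok, user, ip = fields
    return {"ts": datetime.strptime(ts, "%Y-%m-%dT%H:%M:%SZ"), "host": host, "user": user, "src_ip": ip,
            "outcome": "success" if ok else "failure", "criticality": ASSETS.get(host, "unknown")}

def correlate(events, threshold=3, window=timedelta(minutes=5)):
    """Correlation: group >= threshold failures and a following success from one source IP."""
    groups, failures = [], {}
    for ev in sorted(events, key=lambda e: e["ts"]):
        recent = [f for f in failures.get(ev["src_ip"], []) if ev["ts"] - f["ts"] <= window]
        if ev["outcome"] == "failure":
            failures[ev["src_ip"]] = recent + [ev]
        elif len(recent) >= threshold:
            groups.append(recent + [ev])
            failures[ev["src_ip"]] = []
    return groups

def alert(group):
    """Alerting: summarise one correlated group for analyst review."""
    last = group[-1]
    return {"rule": "failures_then_success", "src_ip": last["src_ip"], "user": last["user"],
            "hosts": sorted({e["host"] for e in group}), "events": len(group), "severity": last["criticality"]}

def run_pipeline(raw_events):
    events = [normalize(f) for f in map(collect, raw_events) if f]
    return [alert(g) for g in correlate(events)]
```

Calling `run_pipeline(RAW_EVENTS)` yields a single alert that spans both the SSH host and the gateway, which is only possible because normalization gave the two sources the same `src_ip` and `outcome` fields.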