What should I log in my SIEM?

Andrea Fisher

Mar 8, 2023

28

4

Assessing the value of data

Read →

4 Comments

Brodie Cassell

Mar 9, 2023

Thank you for writing this up, Andrea!

Expand full comment

Great post Andrea. Now I need to go link it to Sentinel tables & rules!

Expand full comment

I get this question with every new SIEM conversation. Thanks for writing this up Andrea!

Expand full comment

Depends on organization and setup but I believe all critical network/security devices and servers should be addressed.

Expand full comment

Reply

Share

#nojs-banner { position: fixed; bottom: 0; left: 0; padding: 16px 16px 16px 32px; width: 100%; box-sizing: border-box; background: red; color: white; font-family: -apple-system, "Segoe UI", Roboto, Helvetica, Arial, sans-serif, "Apple Color Emoji", "Segoe UI Emoji", "Segoe UI Symbol"; font-size: 13px; line-height: 13px; } #nojs-banner a { color: inherit; text-decoration: underline; } This site requires JavaScript to run correctly. Please turn on JavaScript or unblock scripts