The perfect blog for a Friday – SIEM optimization. So by the time you're reading this, you have already figured out that you need a SIEM and have already identified which one you will use for your environment. If you're having trouble identifying a good SIEM, here's a good reference point.
So, let's look at developing custom plugins. Why do we write custom plugins? Effectively, to parse logs that don't conform to a particular standard in order to generate events. Now, before you start writing any plugins, ensure you have considered the following to reduce noise on your SIEM: Manage the log level settings at the applic