Troubleshooting SIEM Collector Issues

Blue Team SOC Activity

Security Information & Event Management (SIEM) provides consolidated view of security events and respond immediately to a potential threat.

There are several SIEM providers in the market. Some of the known ones are: Microsoft Azure Sentinel, IBM, LogRhythm, Splunk, AlienVault etc.

Photo by Jametlene Reskp on Unsplash

What is Collector?