
Cross Log Correlation

I'm looking to start correlating logs across different systems and event types. The ability to track an event across multiple devices and device types (network gear to Windows to Linux to software) is becoming more important not only for troubleshooting but also from the NIST 800-171/CMMC verification levels. This means we are going to need improvements to identifying the column and data that's saved to the database so we can easily add correlation between different types of logs and information. This is probably a huge undertaking but it's the future of SIEM.


