Offering regional and national programs, CIO (and CSO) events bring together some of the most respected names and thought leaders in information technology and security. Presented by CIOs and other senior level executives, these invitation-only programs offer timely topics and strong networking. Learn More »
Social Responsibility's Strategic Benefits
December 15, 11:30 AM - 12:30 PM US/Eastern (GMT-5)
Join Ed Granger-Happ, CIO of Save the Children, for a discussion of how creating an organization that is socially responsible improves staffing, retention, leadership development and overall corporate health.
Working With and Communicating to Your Board of Directors
January 13, 2009, 4:00 PM - 5:00 PM US/Eastern (GMT-5)
CIO panelists who will share tips and experiences working with their boards: Twila Day of SYSCO; Jeff O'Hare, West Corp.; Marc West, formerly with H&R Block.
IT's Role in Growing Mid-Market Companies
January 14, 4:00 PM - 5:00 PM ET (GMT-5)
Mid-market Council members will share their companies' stories and challenges in driving or coping with growth. Panelists represent Veterinary Pet Insurance, Medicis Pharmaceutical, and Intrax Cultural Exchange.
Learn more about the CIO Executive Council »
Apply today for a FREE subscription to CIO Magazine!
Are SIEM and Log Management the Same Thing?
Log management has been around for awhile, but is SIEM taking over?
July 01, 2008 — Network World — Like many things in the IT industry, there's a lot of market positioning and buzz tossed around regarding how the original term of SIM (Security Information Management), the subsequent marketing term SEM (Security Event Management), the newer combined term of SIEM (Security Information and Even Management) relate to the long standing process of log management.
The basics of log management aren't new. Operating systems, devices and applications all generate logs of some sort that contain system-specific events and notifications. The information in logs may vary in overall usefulness, but before one can derive much value out of them, they first need to be enabled, then transported and eventually stored. It is here that the first challenge of log management is presented: how does one gather this data from an often distributed range of systems and get it into a centralized (or at least semi-centralized) location? There are varying techniques to accomplish centralization, ranging from standardizing on the syslog mechanism and then deploying centralized syslog servers, to using commercial products to address the log acquisition, transport and storage issues. Some of the other issues in log management include working around network bottlenecks, establishing reliable event transport (such as syslog over UDP isn't exactly the most robust of models), setting requirements around encryption, and managing the raw data storage issues.
So the first steps in this process are figuring out what type of log and event information you want to gather, how to transport it, and where to store it. But that leads to another major consideration: once you have it, what do you want to do with it? It is at this point where basic log management ends and the higher-level functions associated with SIEM begins.
SIEM products typically provide many of the features required for log management but add event-reduction, alerting and real-time analysis capabilities. They provide the layer of technology that allows one to say with confidence that not only are logs being gathered but they are also being reviewed. SIEM also allows for the importation of data that isn't necessarily event-driven (such as vulnerability scanning reports)—hence the "Information" portion of SIEM.
In watching the market mature over the past 10 years we believe there is room for both traditional log management tools and the real-time analysis capabilities provided by SIEM tools, but we suspect that organizations would prefer to go to a single vendor for both. Clearly organizations have to solve the first problem (log management) in order to address the second (analysis and monitoring), but the wise purchaser will know that after the first problem is addressed the second will become immediately apparent. Plan accordingly.
© 2007 Network World Inc.
Operational Excellence Is Key to Maximizing IT Investments
IT Service Management: Metrics That Matter
Configuration Assessment: Choosing the Right Solution
Tying Employee Development Activities to Corporate Strategy
Beat your competition to the punch with faster, more cost-effective product lifecycle management.
Service Dependency Mapping
Constructing Partnerships That Work
Remote Infrastructure Management - What Your Peers are Thinking
The Power of Telepresence
IT Risk Management: Preparing for the Perfect Storm
IT Cost Transparency & Performance Management for Optimizing IT
Grassroots Data Governance with SAP MDM
Resource Alerts
Get instant email notifications by topic when white papers, webcasts, and case studies are added to our library.
Microsoft Releases Next Wave of Windows Live Services
Report: Former AOL CEO Miller Trying to Buy Yahoo
Sierra Wireless to Buy Wavecom
Zoho Releases SQL-Based Data-Access Service
Open-Source Developers Set Out Software Road Map for 2020
VMware Expands Desktop Virtualization Capabilities
IE Share Slips Under 70% as Firefox Surges Past 20%
Filing: SAP Co-CEO had Concerns About TomorrowNow Deal
Windows Market Share Drops Below 90% for First Time
Apple Quietly Recommends Using Antivirus Software
Just the basics, please. Sometimes we all need a refresher or we need to make sure our team and our colleagues are all on the same page.
Over 25 tutorials on everything from business intelligence to virtualization.
- CIO|
- Computerworld|
- CSO|
- DEMO|
- Game Pro|
- Games.net|
- IDG|
- IDG UK|
- IDG Connect|
- IDG Tech Network |
- IDG World Expo|
- Industry Standard|
- InfoWorld|
- ITworld|
- JavaWorld|
- LinuxWorld|
- MacUser|
- Macworld|
- Network World|
- PC World|
- Playlist|
- CIO UK|
- CIO Germany|
- CIO China|
- CIO Sweden|
- CIO Australia|
- Other CIO Sites
