Welcome to the inaugural post of my new blogging project. I am a SIEM Specialist here at Intel Security, and in the course of my work I get a huge variety of questions from customers about our SIEM product. While I have been working with SIEM since 2004, I am relatively new to Intel Security, so there is still a lot I don't know yet. As a result, I often have to go find the answers either in manuals, internal email threads, or directly from the Product Management team members.

It occurred to me that if my customers and prospects are asking these questions, there are probably others out there who are also wondering, but haven't had a chance to ask. I decided to capture these questions here in my blog and share the answers that I find. I hope you find this a useful resource, and feel free to suggest other questions you would like to see answered here.