cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Highlighted

Re: How are you resourcing your SIEM?

This is a good start.  I was thinking along the same lines.  One of the most time consuming parts is chasing down issues.  It doesn't add up if you are trying to work with IT teams at the same time, you have to add data sources, monitor, chase incidents, analyze, write rules, etc... and the list goes on.    I'm also hoping for more responses.

Highlighted
Level 9
Report Inappropriate Content
Message 12 of 14

Re: How are you resourcing your SIEM?

In my orgnanization we have approx over 10k devices pumping into the SIEM.

There are 2 of us who manage it (but not full time, we have many other responsibilities), there are approximately 2 out of 10 people always monitoring and analyzing events 24x7x365.

-d

Reliable Contributor
Reliable Contributor
Report Inappropriate Content
Message 13 of 14

Re: How are you resourcing your SIEM?

It would be nice if there was some sort of baseline training or certification for these devices.  I recently became responsible for our SIEM and while I'm no dummy, it's simply overwhelming what it can do, and trying to get a fix on any one particular function or process is difficult at best.

Highlighted
Level 9
Report Inappropriate Content
Message 14 of 14

Re: How are you resourcing your SIEM?

I agree the amount of features and how you can use them does get overwhelming.  I have put in a PER to create documentation/videos of how McAfee and it's customer-base are using some of the features in an advanced setting (preferably with screenshots of configurations) -- I think this is really the best way as I don't McAfee having enough materail to create a course that covers this information.

-d

You Deserve an Award
Don't forget, when your helpful posts earn a kudos or get accepted as a solution you can unlock perks and badges. Those aren't the only badges, either. How many can you collect? Click here to learn more.

Community Help Hub

    New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

  • Find Forum FAQs
  • Learn How to Earn Badges
  • Ask for Help
Go to Community Help

Join the Community

    Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

  • Get helpful solutions from McAfee experts.
  • Stay connected to product conversations that matter to you.
  • Participate in product groups led by McAfee employees.
Join the Community
Join the Community