2 Replies Latest reply on Mar 21, 2016 6:04 PM by yassinezeroual

    How does SIEM collect information from Windows / Unix / Linux system


      I was wondering how SIEM collect information from WIndows /Unix / Linux systems ?

      Assumed for example with WIndows clients that it collects the information from the event log in the windows event log services.

      Would this be correct an if the event log service isn't running, how can SIEM then retrieve information?