April 19, 2021

Correlation rules for SIEM

Hey All,

We implemented Exabeam’s SIEM a few months ago and have finished getting all of our log sources flowing in nicely. For some reason I'm having trouble finding resources that talk about good correlation rules to start creating for it. I know that every environment is different, but are there any good baseline rules that one should start creating to identify anomalies, behavior, etc. that are must-haves? I'm very new to SIEMs so be gentle :P
