Getting Started with Cloud SIEM

Logz.io Cloud SIEM combines the power of OpenSearch Dashboards with advanced security analytics tools to help you identify, investigate, and remediate threats quickly and efficiently.

Your Cloud SIEM account has the following:

A. Summary: The summary dashboard shows the last 24 hours of security events affecting your systems. Learn more about investigating events.

B. Event Management: Cloud SIEM has an integrated platform for security event management where you can view security events that have occurred, edit them, and assign a security rule to a team member. Learn more.

C. Rules: Manage your SIEM's preconfigured rules, or add your own. When a security rule triggers, a security event is logged and written to the relevant dashboards as well as the Summary and Threats dashboards. Learn more.

D. Dashboards: Your Cloud SIEM is pre-loaded with a large library of dashboards curated by Logz.io. Learn more.

E. Threats Overview & Threat Intelligence feeds: The Threats dashboard shows you potential threats by correlating your logs with lists of known threats using public and private threat feeds. Learn more.

F. OpenSearch Dashboards: Use OpenSearch Dashboards to drill down into your logs, or select dashboards to review events by specific security products. Your Cloud SIEM is pre-loaded with a large library of dashboards curated by Logz.io. Learn more.

G. Reports: Schedule dashboards to be sent out as reports on a regular basis. Learn more.