

How is SIEM different from general event log management and monitoring?

By Justin Stoltzfus | Last updated: July 6, 2020

In some ways, security information and event management (SIEM) is different from the ordinary event log management that businesses use to look at network vulnerability and performance. However, SIEM is a blanket term for a range of technologies, and in many ways it is built on the core principle of event log management and monitoring. The biggest difference may be the actual techniques and features involved.

Generally, SIEM is a combination of security information management (SIM) and security event management (SEM). That means SIEM systems combine a lot of general digital log capture with more specific systems that look at user events in context. For example, a security event management (SEM) resource may be set up to capture specific kinds of reports on account logins that happened at a certain access level, at a certain time of day, or in a certain pattern, which network administrators can use to sense danger or to deal with various types of administrative issues. A security information management (SIM) system, by contrast, offers broader reports based on all of the aggregate data that is collected about network traffic.

Some experts have defined ideas of how SIEM supersedes the average event log monitoring tool. For example, some suggest that the major value of SIEM lies in more specific reports and more specific features that reveal more about what has developed in a network. Where event log monitoring and management may offer only a generic view of what a logging process generates, SIEM tools can offer a lot of proprietary value by digging into network activity and showing what is going on in a network.
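The SEM and SIM views described above can be contrasted on the same set of login events. This is an added example, not code from the original article or from any SIEM product; the log format, field names, business hours and failure threshold are all assumptions chosen for illustration.

```python
from collections import Counter, defaultdict
from datetime import datetime, timedelta
# Constructed sample events: timestamp, user, access level, result, source IP.
SAMPLE_LOG = """\
2020-07-06T09:15:02 alice user success 10.0.0.12
2020-07-06T02:41:10 root admin success 10.0.0.99
2020-07-06T11:00:00 bob user failure 10.0.0.40
2020-07-06T11:00:20 bob user failure 10.0.0.40
2020-07-06T11:00:45 bob user failure 10.0.0.40
2020-07-06T11:01:05 bob user success 10.0.0.40
2020-07-06T14:30:00 carol admin success 10.0.0.15
"""

def parse(log):
    """Turn raw lines into event dicts, ordered by time."""
    keys = ("ts", "user", "level", "result", "ip")
    events = [dict(zip(keys, line.split())) for line in log.splitlines() if line.strip()]
    for e in events:
        e["ts"] = datetime.fromisoformat(e["ts"])
    return sorted(events, key=lambda e: e["ts"])

def sem_alerts(events, hours=(8, 18), max_failures=3, window=timedelta(minutes=2)):
    """SEM view: judge each login in context (access level, time of day, pattern)."""
    alerts, recent_failures = [], defaultdict(list)
    for e in events:
        in_hours = hours[0] <= e["ts"].hour < hours[1]
        if e["level"] == "admin" and e["result"] == "success" and not in_hours:
            alerts.append(("off_hours_admin_login", e["user"], e["ts"]))
        # Keep only this user's failures that are still inside the window.
        fails = [t for t in recent_failures[e["user"]] if e["ts"] - t <= window]
        if e["result"] == "failure":
            fails.append(e["ts"])
        elif len(fails) >= max_failures:
            alerts.append(("success_after_failures", e["user"], e["ts"]))
            fails = []
        recent_failures[e["user"]] = fails
    return alerts

def sim_report(events):
    """SIM view: aggregate counts over everything that was collected."""
    return {
        "total": len(events),
        "by_result": dict(Counter(e["result"] for e in events)),
        "by_level": dict(Counter(e["level"] for e in events)),
        "by_source": dict(Counter(e["ip"] for e in events)),
    }

if __name__ == "__main__":
    print(sem_alerts(parse(SAMPLE_LOG)), sim_report(parse(SAMPLE_LOG)), sep="\n")
```

On the constructed sample, the SEM function raises two alerts (an administrator login at 02:41 and a successful login right after three failures), while the SIM report only counts events and would show neither on its own.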


Written by Justin Stoltzfus | Contributor, Reviewer


Justin Stoltzfus is a freelance writer for various Web and print publications. His work has appeared in online magazines including Preservation Online, a project of the National Historic Trust, and many other venues.
