Everything about Security Event Manager totally explained

A Security Event Manager (SEM) is a computerized tool used on enterprise data networks to centralize the storage and interpretation of logs, or events, generated by other software running on the network. SEMs are a relatively new idea, pioneered in 1999 by a small company called e-Security, and as of late 2005 are still evolving rapidly. Just a year or two ago they were called Security Information Managers (SIMs), and they are also called Security Information and Event Managers (SIEMs). SEMs can help satisfy U.S. regulatory requirements such as those of Sarbanes-Oxley, which require (among other things) that certain events, such as accesses to systems and modifications to data, be logged and that the logs be kept for a specified period of time.
   Many systems and applications which run on a computer network generate events which are kept in event logs. These logs are essentially lists of events, with records of new events being appended to the end of the logs as they occur. Well-defined protocols, such as Syslog and SNMP, can be used to transport these events, as they occur, to logging software that isn't on the same host on which the events are generated.
   It is beneficial to send all events to a centralized SEM system for the following reasons:
  • Access to all logs can be provided through a consistent central interface
  • The SEM can provide secure, forensically sound storage and archival of event logs
  • Powerful reporting tools can be run on the SEM to mine the logs for useful information
  • Events can be parsed as they hit the SEM for significance, and alerts and notifications can be immediately sent out to interested parties as warranted
  • Related events occurring on multiple systems can be detected, which would be impossible if each system kept a separate log
  • Events which are sent from a system to a SEM remain on the SEM even if the sending system fails or the logs on it are accidentally or intentionally erased
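The parsing and cross-system correlation points above can be made concrete with a short sketch. This is an added example, not part of the original article or of any SEM product: the host names, the documentation-range IP addresses, the sshd message text, the default year and the three-hosts-in-five-minutes threshold are all assumptions.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample: RFC 3164-style syslog lines as three hosts might forward them.
SAMPLE_EVENTS = """\
<38>Oct 11 22:14:15 web01 sshd[4721]: Failed password for root from 203.0.113.7 port 51122 ssh2
<38>Oct 11 22:14:40 db01 sshd[1180]: Failed password for admin from 203.0.113.7 port 51307 ssh2
<38>Oct 11 22:15:02 mail01 sshd[902]: Failed password for root from 203.0.113.7 port 51410 ssh2
<38>Oct 11 22:15:30 web01 sshd[4733]: Failed password for bob from 198.51.100.23 port 40022 ssh2
<38>Oct 11 23:40:00 db01 sshd[1302]: Failed password for root from 198.51.100.23 port 40111 ssh2
"""

SYSLOG_RE = re.compile(
    r"^<(?P<pri>\d{1,3})>(?P<ts>[A-Z][a-z]{2} [ \d]\d \d\d:\d\d:\d\d) "
    r"(?P<host>\S+) (?P<tag>[^:\[\s]+)(?:\[\d+\])?: (?P<msg>.*)$")
FAILED_RE = re.compile(r"Failed password for (?:invalid user )?\S+ from (\S+)")

def parse(line, year=2005):
    """Split one syslog line into fields; the year is assumed (RFC 3164 omits it)."""
    m = SYSLOG_RE.match(line)
    if not m:
        return None  # malformed input is skipped, not guessed at
    pri = int(m["pri"])
    ts = datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S")
    return {"facility": pri >> 3, "severity": pri & 7, "time": ts,
            "host": m["host"], "tag": m["tag"], "msg": m["msg"]}

def correlate(events, min_hosts=3, window=timedelta(minutes=5)):
    """Alert when one source fails SSH logins on min_hosts hosts within window."""
    by_src = defaultdict(list)
    for e in events:
        hit = FAILED_RE.search(e["msg"])
        if e["tag"] == "sshd" and hit:
            by_src[hit.group(1)].append((e["time"], e["host"]))
    alerts = []
    for src, hits in sorted(by_src.items()):
        hits.sort()
        for i, (start, _) in enumerate(hits):
            hosts = {h for t, h in hits[i:] if t - start <= window}
            if len(hosts) >= min_hosts:
                alerts.append({"source": src, "hosts": sorted(hosts), "first_seen": start})
                break
    return alerts

def run(text=SAMPLE_EVENTS):
    return correlate([e for e in map(parse, text.splitlines()) if e])

if __name__ == "__main__":
    print(run())
```

Each host in the sample sees only a single failure from 203.0.113.7, so no per-host log would stand out; the pattern appears only once the three logs are merged.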

Copyright © 2007-8 totallyexplained.com | Licensed under the GNU Free Documentation License
This article contains text from the Wikipedia article Security Event Manager and is released under the GFDL