Every SIEM system’s goal is to gather relevant data from numerous sources, discover problems, and take necessary action. To create links between event log items, a SIEM system might use either rules-based or statistical correlation engines.
Gathering data from numerous sources around
Then combines those collected data
Begins inspecting the data to find out threats
Identifies threats and alerts organizations