Creating Your Own SIEM and Incident Response Toolkit Using Open Source Tools

This paper describes how one can use open source tools to create an incident response toolkit. A significant piece of your toolkit is a Security Information and Event Manager (SIEM), or the ability to store and process event logs. Two reasons you may want to create your own toolkit and SIEM are:...

By

Jonny Sweeny

June 28, 2011

All papers are copyrighted. No re-posting of papers is permitted

Related Content

DFIR - Blog - Choose Your Malware Analysis Adventure- FOR610 or FOR710__340 x 340.jpg

Digital Forensics, Incident Response & Threat Hunting

February 11, 2025

Choose Your Malware Analysis Adventure: FOR610 or FOR710?

We’ve created a ten-question self-assessment designed to gauge whether FOR610 or FOR710 is the best fit for you.

Digital Forensics, Incident Response & Threat Hunting

January 27, 2025

A Visual Summary of SANS CTI Summit 2025

Check out these graphic recordings created in real-time throughout the event for SANS CTI Summit 2025

DFIR - Blog - SANS CTI Summit Preview_340 x 340a.jpg

Digital Forensics, Incident Response & Threat Hunting

January 27, 2025

SANS Threat Analysis Rundown in Review: SANS CTI Summit Preview

What to expect at the SANS CTI Summit 2025