I am having a difficult time identifying a cost-effective SIEM tool for my clients. Does anyone have any suggestions? I know there are many solutions out there in the marketplace, but they are typically very expensive, too expensive for SMB.
We use https://www.blumira.com/. If you sign up, tell them Tom Lawrence says hi.
Thanks so much! This looks perfect!
As I’ve gotten further into this solution, it appears that it needs to be placed on a Linux VM at a minimum.
What do you all do for those small business clients who may not be running any virtualization or Linux boxes? I was looking at possibly installing this onto a micro PC with Ubuntu and placing it on my client’s network. Ever tried that before?
Yes, that is the solution for clients that don’t have a virtualization stack.
What micro PCs would be recommended in that scenario? Raspberry Pi?
Blumira does not support ARM chips so I believe this would disqualify RP. I am testing it on an Intel NUC and it seems like this is an option that would be good for some circumstances.