Define What to Parse From Logs with the Custom Parsing Tool in InsightIDR

Data is essential to any SIEM. Generally, this data is collected from logs, endpoints, and networks. All of this data paints a holistic picture of your network so you have constant visibility into what’s going on, and where. When it comes to security data, log data is the primary driver. In InsightIDR, Rapid7’s SIEM tool, customers use log data to detect malicious activity, prove compliance, and gain a deep level of visibility across their network.


InsightIDR adds tremendous value by normalizing, attributing, and analyzing this log data by pulling out fields that are critical for security analytics. While our main focus is on parsing data out of logs that can be used for security analytics, customers are also interested in additional data within their logs.






Now, InsightIDR customers can easily analyze and visualize all of their data—regardless of whether it’s critical for security analytics—by using the custom parser to create easily readable logs. Our new Custom Parsing Tool provides an easy-to-use, non-technical way for customers to define what they'd like to parse from their logs, so they can extract the log data that is most relevant to their organization.


What does this look like?


Let’s take a look at a us ..
