Use of Security Information and Event Managers (SIEMs) is expanding to include IBM i information, but what is appropriate to send?
By Carol Woodbury
Many organizations started to use a SIEM to help with PCI compliance, allowing them to aggregate information into a single source as well as to be able to better detect attacks. But as more organizations want visibility into the activity occurring across their organizations, SIEMs have become more mainstream. That causes people to wonder what should be sent from IBM i to a SIEM. And that, of course, is one of those “it depends” questions. Let’s take a look at some of the considerations you’ll want to make.