During my thesis work, I got familiar with a number of new concepts and technologies. I learned the main challenges of information security along with the history of the SIEM approach and its predecessors. My work allowed me to gain a high-level insight into the features of various SIEM products, with a particular emphasis on the ones used in the European market: Splunk and Logalyze.
The process of deploying the testing environment and installing and configuring the two candidate products provided many challenges. Solving these contributed to further improving my problem-solving skills.
After installing and configuring both products, I found that Splunk provides more flexibility and a better user experience. Based on my experiences with the free version of Splunk, I can highly recommend this SIEM software.
In the future, I would like to get more acquainted with the palette of functions provided by Splunk. I also plan to apply the software in a real corporate environment by introducing it at my current company.