After some advice
I have a requirement for Log Management, Reporting and Alerting on the following:
Active Directory - Changes, Password Resets, Lockout, Logins etc.
File Server - Changes, Access, Specific files/folders
Exchange - Access, Changes, Statistics if possible
Oracle Databases - Performance, Transaction issues etc.
Reporting is Key
Threat analysis is good to have
I have looked at Splunk, AlienVault, Varonis and some other tools. Nothing does everything, so the question is: what is the best thing to do?
Do I go for, say, AlienVault to take care of the log management and threat analysis, firewall side of things etc., and then use a product like Varonis (ideally something cheap but does the job) to take care of the AD, File and Exchange side of things, obviously having that tie into the SIEM solution, or should I just look at separate products?