<div>
I would go with SolarWinds, its worth the cost.
</div>


Network Engineer

<div>
SIEM solution is essential to detect and monitor your intrusion points for security incidents, help you prevent cyber threats, and minimize data breaches. You could start with an open-source SIEM tool for a better understanding of the concept behind SIEM.<br><br>Ensure you have enough in-house expert skills to know what kind of use cases to configure in your SIEM. The most challenging will be the scoping of the monitoring devices, fine-tuning the rules, and maintaining the skillset for your SOC team.<br><br><a href="https://www.dnsstuff.com/free-siem-tools/" rel="ugc">https://www.dnsstuff.com/free-siem-tools/</a><br><a href="https://logz.io/blog/open-source-siem-tools/" rel="ugc">https://logz.io/blog/open-source-siem-tools/</a><br><a href="https://www.experts-exchange.com/articles/32316/What-Gives-SIEM-a-Good-Name.html" rel="ugc">https://www.experts-exchange.com/articles/32316/What-Gives-SIEM-a-Good-Name.html</a>
</div>


<div>
So I don’t have a doc team, I’m the only network engineer, and will be the only person managing the solution. &nbsp;I’ve been looking at splunk, I like the apps it has, and wanted to see if there’s anything better out there? &nbsp;It’s a bit complex and there’s a learning curve, so didn’t know if there’s others that are easier to use, but just as powerful?
</div>


<div>
I've seen some that use Perch.<br>Microsoft's Advanced Threat Protection and security services suite within their E5 subscription may also meet the needs if already subscribed.<br><br>Edit: Given the huge holes found in SolarWinds over the year including recently ... not so sure about that one.
</div>


<div>
Would you mind checking the Gartner quadrant on SIEM? Splunk is one of the best. &nbsp;Make sure whatever you choose as a solution should be in the “Leaders” Quadrant of the Gartner Magic Quadrant for SIEM. As you know, there are many vendors to choose from the list. But it all depends on the entities you want to monitor also. Cost depends on what vendor you are choosing; more cost, more capabilities, less cost, fewer capabilities.<br>&nbsp;<br>The SIEM solution should address all the major SIEM use cases, including:<br><ul><li>Log management</li><li>Incident investigations and workflow</li><li>Incident Response</li><li>Forensics</li><li>Security and compliance reporting and visualizations</li><li>Real-time monitoring and alerting on both known and unknown (APT) threats</li><li>Ability to do cross-data source correlations to detect specific patterns</li><li>Long-term data retention</li><li>Software should be easily installed and managed</li><li>Should have available data collectors for popular data sources</li><li>Can be used for major regulations and frameworks including PCI, SOX, NIST 800-53, ISO 27002, COBIT, SSAE 16</li></ul>&nbsp;<br><a href="https://filedb.experts-exchange.com/incoming/2021/07_w30/1567102/Screenshot_1.jpg" rel="ugc"><img src="https://filedb.experts-exchange.com/incoming/2021/07_w30/1567102/Screenshot_1.jpg" class="fr-fic fr-dib"></a>&nbsp;<br><a href="https://www.elastic.co/blog/elastic-security-recognized-in-gartner-magic-quadrant-for-siem" rel="ugc">https://www.elastic.co/blog/elastic-security-recognized-in-gartner-magic-quadrant-for-siem</a><br>&nbsp;
</div>


Screenshot_1.jpg

<div>
<div class="content wysiwyg-content fr-view">
I am looking at Splunk for my SIEM solution, but am open for others that are hopefully easier to use. &nbsp; Does anyone recommend anything other than Splunk that is easy to use and configure?<br>I don't have a lot of time to spend in figuring out how to use a new platform, so looking for a good solution, decently priced and easy to use.<br><br>Any suggestions?
</div>
</div>



I am looking at Splunk for my SIEM solution, but am open for others that are hopefully easier to use.   Does anyone recommend anything other than Splunk that is easy to use and configure?
I don't have a lot of time to spend in figuring out how to use a new platform, so looking for a good solution, decently priced and easy to use.
Any suggestions?

Looking for a good SIEM solution

Networking hardware includes the physical devices facilitating the use of a computer network. Typically, networking hardware includes gateways, routers, network bridges, modems, wireless access points, networking cables, line drivers, switches, hubs, and repeaters. But it also includes hybrid network devices such as multilayer switches, protocol converters, bridge routers, proxy servers, firewalls, network address translators, multiplexers, network interface controllers, wireless network interface controllers, ISDN terminal adapters and other related hardware.

Networking Hardware-Other

Networking is the process of connecting computing devices, peripherals and terminals together through a system that uses wiring, cabling or radio waves that enable their users to communicate, share information and interact over distances. Often associated are issues regarding operating systems, hardware and equipment, cloud and virtual networking, protocols, architecture, storage and management.

Networking

Network security consists of the policies adopted to prevent and monitor authorized access, misuse, modification, or denial of a computer network and network-accessible resources. Network security involves the authorization of access to data in a network, and covers a variety of computer networks; conducting transactions and communications among businesses, government agencies and individuals. Networks can be private, such as within a company, and others which might be open to public access.

Network Security

Security is the protection of information systems from theft or damage to the hardware, the software, and the information on them, as well as from disruption or misdirection of the services they provide. The main goal of security is protecting assets, and an asset is anything of value and worthy of protection.  Information Security is a discipline of protecting information assets from threats through safeguards to achieve the objectives of confidentiality, integrity, and availability or CIA for short. On the other hand, disclosure, alteration, and disruption (DAD) compromise the security objectives.