A Security Information and Event Management (SIEM) system is a security product or service that collects, manages, and analyzes security and other event data.

NSX Network Detection and Response can be integrated with SIEMs so that security-related event logs about the network infrastructure are sent to the SIEM. With SIEM integration, an event log is generated and sent to the SIEM in each of the following scenarios:

  • A detection event occurs.
  • There is an update for a detection event.
  • A new campaign is created.
  • There is an update for a campaign.