CA#3 Compare and contrast SIEM product offerings The concept behind this CA is for you to investigate using a corporate SIEM solution like Splunk or a mix of opensource and freely available tools. • Task 1 – Examine given log files for suspicious activity using TimeLine Explorer (TE) • Task 2 – Replicate Task 1… Continue reading CA#3 Analysis of SIEM Tools: Investigating Long files with TE, Splunk, and ELK