Security Information Management (SIM) refers to systems that collect events and log files from various points in communication systems in order to correlate them in real time, archive, process and analyze them, and produce current and historical reports from them. Security information management (SIM) in this sense is equivalent to log management.
SIM monitors the network in real time and examines it for critical events. Events can be evaluated from different perspectives, for example from the user's point of view: where, when and how someone logged in, which systems they accessed and which events were triggered as a result.
Because the data in SIM systems comes from various sources, such as network components, systems, firewalls, applications or virus scanners, the content of each source is focused on that source's own function. The sources therefore evaluate the events that occur from completely different angles. In addition, they use a wide variety of formats that a SIM platform must process. Together with Security Event Management (SEM), Security Information Management (SIM) forms Security Information and Event Management (SIEM).
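As an added illustration (not taken from any particular SIM product), the following Python sketch normalizes events from three differently formatted sources into one schema and then answers the user-centric question described above. The log lines, field names and the helper functions `normalize` and `user_timeline` are constructed assumptions for this example.

```python
import json
import re
from datetime import datetime, timezone

# Constructed sample events: each source reports in its own format.
SAMPLE = [
    ("sshd", "2024-05-01T08:15:02Z host=bastion01 sshd[811]: Accepted password for alice from 10.0.0.5 port 50122 ssh2"),
    ("firewall", "time=1714551330 action=allow user=alice src=10.0.0.5 dst=10.0.2.20 dport=5432"),
    ("app", '{"ts": "2024-05-01T08:16:10+00:00", "user": "alice", "event": "export_report", "server": "crm01"}'),
    ("sshd", "2024-05-01T08:17:45Z host=bastion01 sshd[840]: Failed password for bob from 10.0.0.9 port 40100 ssh2"),
]

SSHD_RE = re.compile(r"^(\S+) host=(\S+) sshd\[\d+\]: (Accepted|Failed) \S+ for (\S+) from (\S+)")

def parse_sshd(line):
    ts, host, result, user, src = SSHD_RE.match(line).groups()
    return {"ts": datetime.fromisoformat(ts.replace("Z", "+00:00")), "source": "sshd",
            "user": user, "system": host, "action": "login_" + result.lower(), "src_ip": src}

def parse_firewall(line):
    kv = dict(p.split("=", 1) for p in line.split())  # key=value pairs, epoch time
    return {"ts": datetime.fromtimestamp(int(kv["time"]), tz=timezone.utc), "source": "firewall",
            "user": kv["user"], "system": kv["dst"], "action": "conn_" + kv["action"], "src_ip": kv["src"]}

def parse_app(line):
    rec = json.loads(line)
    return {"ts": datetime.fromisoformat(rec["ts"]), "source": "app",
            "user": rec["user"], "system": rec["server"], "action": rec["event"], "src_ip": None}

PARSERS = {"sshd": parse_sshd, "firewall": parse_firewall, "app": parse_app}

def normalize(records):
    """Convert (source, raw_line) pairs to one schema; set unparseable lines aside."""
    events, rejected = [], []
    for source, line in records:
        try:
            events.append(PARSERS[source](line))
        except (KeyError, ValueError, AttributeError):
            rejected.append((source, line))  # keep for review instead of dropping silently
    return events, rejected

def user_timeline(events, user):
    """When, via which source, on which system, and what happened, for one user."""
    return [(e["ts"].isoformat(), e["source"], e["system"], e["action"])
            for e in sorted(events, key=lambda e: e["ts"]) if e["user"] == user]

if __name__ == "__main__":
    for row in user_timeline(normalize(SAMPLE)[0], "alice"):
        print(row)
```

Lines that do not match a known format are returned separately, so a source that changes its log format shows up as rejected input instead of a silent gap in the timeline.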