Cloud SIEM Enterprise (CSE) is a cloud-based SIEM that provides the following functionality:
- Collection of log and event data from your infrastructure and applications, on-premises and in the cloud.
- Correlation of the collected data to reduce the volume of information you need to sift through to investigate issues.
- A rich interface that analysts and admins can use to investigate security issues and administer CSE itself.
- Integration with the Sumo Logic platform.
In this section, we'll introduce the following concepts:
- Match Lists and Suppressed Lists
- Records, Signals, Entities, and Insights