From gbhackers.com
A security information and event management (SIEM) system is the foundation of security processes in the modern security operations center (SOC). A SIEM saves security analysts the effort of monitoring many different systems.
SIEM systems integrate with security tools, network monitoring tools, performance monitoring tools, critical servers and endpoints, and other IT systems. It aggregates the data, correlates it, analyzes it to discover anomalous or suspicious activity, and generates alerts when it identifies activity that might be a security incident.