Hey everyone!
I'm looking for recommendations on SIEM tools that effective but also cheap for small organizations. We need something that provides real-time monitoring, log management, and basic threat detection capabilities but doesn’t cost a lot. I prefer something easy to set up that a team can get up to speed with quickly.
I am fine with open-source as well.
Of ones I am familiar with, AlienVault USM is a good one that is not too expensive but it comes with limitations in terms of customization. Splunk is probably the most reliable and powerful free one but you are limited to 500 MB per day unless you pay. Graylog is open source so completely free but requires a manual and has a learning curve. So they all have their upsides and downsides honestly.
raymZz97 15/02/2025 9:32 pm
@jasonb Graylog is only free up until a certain point. You have to pay as you scale upward so it could be an option for some but not everyone. I just wanted to point that out so people are aware of that.
XDR from CrowdStrike offers a free tier as well which might be worth considering as it offers more than Graylog IMO.
Sm0keSc0pe Topic starter
21/02/2025 5:15 pm
@jasonb Thank you both. I will look into these options. I had heard of AlienVault but I too have read about it being limit. My issue is getting a team to actually learn how to use this without it eating up too much time. It seems like there will be some level of learning required but I am trying to minimize it as much as possible.