Full-featured SIEM platforms may be cost-prohibitive for some organizations. One option that is available is the open source platform Security Onion. Security Onion ties a wide range of security tools—such as OSSEC, Suricata, and Snort—into a single platform. Security Onion also has features such as dashboards and tools for deep analysis of log files.

For example, the following screenshot shows the level of detail available:

Although installing and deploying the Security Onion platform may require some resources in terms of time, it is a powerful, low-cost alternative, providing a solution to organizations that cannot deploy a full-featured SIEM solution (the Security Onion platform and associated documentation are available at https://securityonion.net/).