It can create alerts about intrusions and security threats in the network in real time using logs and flow analyzers.
Prelude SIEM also embeds all tools for the exploitation phase to make operators' work easier and help them with risk management.
Prelude SIEM supports alert collection at WAN scale, whether its scope covers a city, a country, a continent or the world.
In this way, it is natively compatible, through IDMEF, with open-source IDS: AuditD, Nepenthes, NuFW, OSSEC, Pam, Samhain, Sancp, Snort, Suricata, Kismet, etc.
Prelude SIEM collects, normalizes, sorts, aggregates, correlates and displays all security events regardless of the type of surveillance equipment.