
Nice to see an Open-Source Project in this area. But I don't see the point of "just another" SIEM. Why is everyone trying to collect, normalize and trigger on log data?

Logs are probably the worst source one can have. And it's faulty by design. Why not think of something new? A better source for your data would be something to start with. Maybe an intelligent infrastructure for data collection could make it more useful with more relevant data. Only ship relevant data from relevant sources if additional info is required. Maybe that would be a great solution. It would at least be something new.
