SOC Experts Community - Beta
1 like 0 dislike
in SOC by (4.1k points)

2 Answers

1 like 0 dislike
by (5.9k points)
Alerts are the timely notifications which trigger when the conditions/rules in the SIEM (Splunk) match the logs.
0 like 0 dislike
by (5k points)
Alerts depend on the type of logs pushed or pulled into Splunk. Alerts refer to notifications, and we as analysts work on these depending on their criticality.
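Both answers describe the same mechanism: a scheduled search whose condition is evaluated against indexed events, and a notification that fires when it matches. The example below is added here and is not code from either answer; it reproduces that mechanism in plain Python over constructed sshd log lines (not real data) so the match logic can be run offline. The rule assumed is a brute-force style threshold of 5 failed passwords from one source against one user within 5 minutes, with a throttle so the same pair does not re-alert on every further failure; the SPL in the comment is the rough Splunk equivalent of that condition.

```python
"""Toy version of a SIEM alert rule: a saved search whose condition is evaluated
over log events and raises a notification when it matches.
Added example, not code from the original thread. Splunk evaluates the real
thing in its scheduler over the index; here the same logic runs in Python."""
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample events (not real data): sshd auth log lines, ISO timestamps.
SAMPLE_LOGS = [
    "2024-05-01T10:00:01 bastion sshd[2201]: Failed password for root from 10.0.0.5 port 51002 ssh2",
    "2024-05-01T10:00:03 bastion sshd[2201]: Failed password for root from 10.0.0.5 port 51003 ssh2",
    "2024-05-01T10:00:07 bastion sshd[2204]: Accepted password for bob from 10.0.0.7 port 51010 ssh2",
    "2024-05-01T10:00:09 bastion sshd[2205]: Failed password for root from 10.0.0.5 port 51004 ssh2",
    "2024-05-01T10:00:15 bastion sshd[2206]: Failed password for alice from 10.0.0.9 port 51020 ssh2",
    "2024-05-01T10:00:20 bastion sshd[2207]: Failed password for root from 10.0.0.5 port 51005 ssh2",
    "2024-05-01T10:00:22 bastion sshd[2208]: pam_unix(sshd:session): session opened for user bob",
    "2024-05-01T10:00:31 bastion sshd[2209]: Failed password for root from 10.0.0.5 port 51006 ssh2",
    "2024-05-01T10:00:40 bastion sshd[2210]: Failed password for root from 10.0.0.5 port 51007 ssh2",
    "2024-05-01T10:20:00 bastion sshd[2230]: Failed password for alice from 10.0.0.9 port 51021 ssh2",
]

# Field extraction, the equivalent of a Splunk props/transforms regex (assumed format).
LINE_RE = re.compile(
    r"^(?P<ts>\S+) (?P<host>\S+) sshd\[\d+\]: "
    r"(?P<result>Accepted|Failed) password for (?:invalid user )?(?P<user>\S+) from (?P<src>\S+)"
)


def parse_events(lines):
    """Turn raw lines into event dicts; lines that do not match the extraction are dropped."""
    events = []
    for line in lines:
        m = LINE_RE.match(line)
        if m:
            ev = m.groupdict()
            ev["ts"] = datetime.fromisoformat(ev["ts"])
            events.append(ev)
    return events


def failed_login_alerts(events, threshold=5, window=timedelta(minutes=5)):
    """Alert condition roughly equivalent to the SPL (assumed index name):
         index=auth "Failed password" | stats count by user, src | where count>=5
       run over a sliding 5-minute window. Fires once per (user, src) pair per
       window, which is what Splunk's alert throttling setting does for you."""
    recent = defaultdict(deque)   # (user, src) -> timestamps of failures inside the window
    fired = {}                    # (user, src) -> time the alert last fired (throttle)
    alerts = []
    for ev in sorted(events, key=lambda e: e["ts"]):
        if ev["result"] != "Failed":
            continue
        key = (ev["user"], ev["src"])
        q = recent[key]
        q.append(ev["ts"])
        while q and ev["ts"] - q[0] > window:   # drop failures that fell out of the window
            q.popleft()
        last = fired.get(key)
        if len(q) >= threshold and (last is None or ev["ts"] - last > window):
            fired[key] = ev["ts"]
            alerts.append({
                "user": ev["user"], "src": ev["src"], "host": ev["host"],
                "count": len(q), "first": q[0], "last": ev["ts"],
            })
    return alerts


if __name__ == "__main__":
    for a in failed_login_alerts(parse_events(SAMPLE_LOGS)):
        print(f"ALERT: {a['count']} failed logins for {a['user']} from {a['src']} "
              f"on {a['host']} between {a['first']} and {a['last']}")
```

Running it produces one alert for root from 10.0.0.5 (the fifth failure at 10:00:31 trips the rule; the sixth is throttled), and nothing for alice, whose two failures are 20 minutes apart and never share a window. The throttle matters in practice: without it a noisy source would page the analyst on every event after the threshold instead of once per window.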
