Security Information and Event Management, a security technology designed to collect log data and store it in a centralized repository, make it available for searching, and perform analytics on the data. Common SIEMs include IBM QRadar, Splunk, Microfocus ArcSight, LogRhythm, Securonix, and many others.
User Behavior Analytics/User and Entity Behavior Analytics, an application that works with SIEMs and other data repositories to perform enhanced analytics not available in traditional SIEMs and other security technologies. UBA/UEBA provides additional context around “users” and “entities” (e.g. systems) in contrast to the rule-based alert focus in traditional SIEMs. Many SIEM vendors offer UBA/UEBA as add-on applications.
Events Per Second, the amount of events being processed by the SIEM each second.
The SIEM application that processes and forwards log data, commonly known as Collectors, Connectors, Forwarders, etc, depending on the product.
The “main” SIEM application that stores data, provides searching and analytics capabilities.