http://infosecnirvana.com/tag/siem-rule-types/
http://www.tripwire.com/state-of-security/security-data-protection/security-information-event-management-actionable-events/
http://www.buzzcircuit.com/guessing-game-planning-sizing-siem-based-on-eps/
http://www.ithome.com.tw/node/77205
注册了一个网站,挺有意思:
http://bi.dataguru.cn/
http://nizq.me/blog/2012/06/12_ossim.html
http://www.tripwire.com/
http://esper.codehaus.org/