We are looking to deploy an SIEM solution for a hospital that has multiple branches. There is no existing log aggregation server.
The customer is interested in IBM QRadar as an SIEM solution.
- What devices should the SIEM monitor?
- Can we push all logs to the SIEM, or do we need a separate log server/solution?
I would appreciate any suggestions.