SIEM – Grayzone Security

The Big Data SIEM: Storage in Azure

March 25, 2025April 25, 2025 Tyler G.

In the previous article (The Big Data SIEM: Ingestion Layer with Azure) we establish a baseline of principles with which to ingest data at the multiple petabyte per day scale. Though many aspects align to lessons learned in review of Azure’s Well Architected Framework(WAF), we include our recommendations for API client calls, data transformations, team…

Azure, Case Study, Cloud, Docker, Linux, Security

The Big Data SIEM

December 11, 2024May 19, 2025 Tyler G.

You’ve just gotten into the office on a Monday and your CISO has pulled you into a meeting. The board has decided you’re moving your SIEM off of Splunk (Elastic, Rapid7, etc.) to save money…

Azure, Case Study, Cloud, Security