Collecting information about the client’s application infrastructure via questionnaire simplifies the process of investigating the different systems envolved and the methodology of configuring their SIEM. A two level questionnaire have been created for the client’s to complete during the application onboarding process :
First level, is to identify the different components of the application.
Second level, is to identify how these components intigrate and the types of source logs.
These documents are living documents always evolving as we come across different hurdles in thE SIEM information gathering stage.