For years, organizations have turned to security events and logs, aka machine data, to meet compliance requirements for regulations and mandates such as PCI, HIPAA, FISMA, GLBA, NERC, ISO, COSO, and the EU Data Directive. These compliance requirements typically include security event logging and retention, threat detection and alerting, and incident review and response. Additionally, organizations must measure the effectiveness of the many technical controls required by these regulations and mandates.

In the past, organizations have turned to traditional Security Information and Event Management (SIEM) software to meet these requirements. SIEMs centrally collect event and log data from security devices. In turn, these logs can be harnessed for cross-data-source correlations and rules to detect threats, for after-the-fact incident investigations and response, and for compliance reporting.