I'm primarily using the solution on my client's site.
This is a log event management tool. We are integrating this solution for the clients where it is required. Mostly we work with OEMs such as IBM, RSA, Splunk, and Micro Focus.
With the help of these tools, you can identify any attacks or phishing activity in your network. Most of the time you are able to identify these types of attacks or activity on your firewall. When the firewall will notify the SIEM tools, it will identify which needs to be acted on immediately - unlike when you are using automation tools. With the help of automated tools, you can block those suspicious IPS or you can hand it over back to your security analyst or analyst team to take action ASAP.