SIEM management


Security Information and Event Management (SIEM) is an approach to security management that seeks to provide a holistic view of an organisation’s information technology (IT) security. The underlying principle of a SIEM system is that relevant data about an enterprise’s security is produced in multiple locations, and being able to look at all the data from a single point of view makes it easier to spot trends and see patterns that are out of the ordinary. SIEM combines SIM (Security Information Management) and SEM (Security Event Management) functions into one security management system. Yoroi offers a configuration and management service for a SIEM system based on Splunk. Splunk stores all the logs and provides very fast search capabilities, roughly in the same way Google does for the internet. Our analysts then write the correlation searches using SPL (Search Processing Language) to make the most of the data collected with Splunk. The correlated data are then collected and shown as dashboards.
