• NetFlow
• tcpdump
• Cisco Umbrella

Explanation: Security Information and Event Management (SIEM) is a technology that provides real-time reporting and long-term analysis of security events. Two SIEM platforms used by organizations are Splunk and Security Onion with ELK.