Specifications include, but are not limited to: The solution must include the following minimum capabilities: A. The solution must support on-premises, cloud-hosted, SaaS, and hybrid deployments. B. Must be highly available (24x7x365) with a minimum of 99.9% uptime. C. The solution must include a license for ingestion of at least 500GB of data per day. D. Ability to support the following data sources: JSON, SNMP, Syslog, SplunkTCP, Office 365, Kafka, Azure, AWS, GCP, TCP/UDP, Palo Alto, Cisco, Windows, Linux, IPS/IDS sensors, webproxy, web application firewalls, application logs, anti-virus, API services and custom scripts. E. Able to support the following data sources: Splunk, CrowdStrike Falcon LogScale, Elasticsearch, Syslog, Webhook, TCP JSON, Amazon S3, Google Cloud Storage, Azure Blob Storage, File Systems/NFS, Azure Log Analytics Workspace, Sumo Logic, Google Chronicle, Azure Sentinel and Exabeam. F. Support queuing to hold copies of original data until receipt is confirmed by all destinations. G. Enable transformation of data formats to/from XML, JSON, Key-Value, CSV, TSV, CEF format. H. Able to route single data stream to multiple destinations, including several SIEMs, Data Lake, and Managed Security Service Provider (MSSP) at the department levels...
