A classic look at the basics of SIM including a look at real-time vs. Forensic SIM. From the Resource:
“Forensic-focused SIM: Expert Data Mining, Pure Log Storage, ‘Low and Slow’ Detection, Postevent Analysis, Long-term Coverage, Limited Automation, Limited Correlation.”

Resource: Security Information Management: Not Just the Next Big Thing

Source: Nicole Pauls, Information Systems Audit and Control Association

SIM Resource Guide Section: Security Information Management – What is it?