{"id":7169,"date":"2026-04-10T14:31:46","date_gmt":"2026-04-10T12:31:46","guid":{"rendered":"https:\/\/logmanager.com\/?post_type=learning_hub&#038;p=7169"},"modified":"2026-05-27T10:52:49","modified_gmt":"2026-05-27T08:52:49","slug":"co-je-to-siem","status":"publish","type":"learning_hub","link":"https:\/\/logmanager.com\/cs\/learn\/co-je-to-siem\/","title":{"rendered":"SIEM and its role in the cybersecurity arsenal"},"content":{"rendered":"\n<p>Understanding what SIEM is has become essential for anyone working in cybersecurity. In this article we explain how SIEM systems work, compare their functions with other security tools, and show why they belong in the basic toolkit of companies facing cyberattacks, regulatory pressure and overloaded IT teams.<\/p>\n\n\n\n<p>Companies today face a wave of threats from attackers who use artificial intelligence to automate malware, ransomware, phishing and insider attacks.<\/p>\n\n\n\n<p>The experience of the British telecommunications giant BT illustrates this well. The number of AI-assisted attacks targeting its networks grew by an incredible 1200% within a single year. In 2024 alone, BT recorded 2000 potential cyber threats per second. 
That is a volume of data no human analyst can handle.<\/p>\n\n\n\n<p>Such a volume of security data can be handled and analyzed effectively only with modern tools such as SIEM (Security Information and Event Management).<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">How SIEM works<\/h2>\n\n\n\n<p>SIEM tools collect security logs and events from the entire IT environment, including firewalls, servers, endpoints, networks and cloud platforms.<\/p>\n\n\n\n<p>By centralizing this data in one place, SIEMs provide better visibility into and control over what happens on the network, with context. They help security teams respond faster, detect and analyze complex threats, and ultimately reduce the risk of costly incidents or outages.<\/p>\n\n\n\n<p>Better visibility and stronger cybersecurity are not the only reasons companies invest in SIEMs, however. 
Organizations small and large also use them as a tool for meeting IT compliance requirements, because among other things they enable long-term retention of event records, reporting and forensic analysis, and make audit preparation easier.<\/p>\n\n\n\n<p>Other companies deploy SIEM to centralize logging and security monitoring, because it helps them keep control over operations in large environments, across multiple organizational units or across geographically dispersed branches.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Core SIEM functions<\/h2>\n\n\n\n<p>Although individual SIEM platforms differ in many respects, from deployment options and feature scope to customizability, most of them offer the following core functions.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Log management<\/h3>\n\n\n\n<p>SIEM systems collect, normalize and store <a href=\"https:\/\/logmanager.com\/cs\/blog\/log-management\/jak-na-logovani-typy-logu-zdroje-co-logovat\/\">logs<\/a> from all parts of the IT environment, from firewalls, servers and endpoints to cloud services. 
This creates an archive of records of routine device activity as well as security events, which serves as the basis for detecting and analyzing incidents across the entire network.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Threat detection and event correlation<\/h3>\n\n\n\n<p>SIEM tools make it possible to link individual security events and thereby uncover suspicious activity. They also use user and entity behavior analysis for this (UEBA \u2013 User and Entity Behavior Analytics). For example:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Unexpected changes to system configuration made by a highly privileged user may indicate account misuse.<\/li>\n\n\n\n<li>Malware on one device combined with a sudden increase in outbound traffic may indicate data theft.<\/li>\n\n\n\n<li>Unusual access, such as one employee logging in from two countries within a few minutes, may point to stolen credentials.<\/li>\n<\/ul>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"519\" src=\"https:\/\/logmanager.com\/wp-content\/uploads\/2025\/05\/image-4-1024x519.png\" alt=\"Potential threat - failed administrator login\" class=\"wp-image-3946\" srcset=\"https:\/\/logmanager.com\/wp-content\/uploads\/2025\/05\/image-4-1024x519.png 1024w, https:\/\/logmanager.com\/wp-content\/uploads\/2025\/05\/image-4-300x152.png 300w, https:\/\/logmanager.com\/wp-content\/uploads\/2025\/05\/image-4-768x390.png 768w, https:\/\/logmanager.com\/wp-content\/uploads\/2025\/05\/image-4.png 
1165w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<p class=\"has-xs-font-size\"><em>Fig. 1: The red bar marks a failed login attempt by a domain administrator, a possible sign of a security event. (Logmanager)<\/em><\/p>\n\n\n\n<p>Traditional SIEM systems detect suspicious activity using predefined and custom rules, behavioral analysis and threat intelligence feeds. More advanced platforms additionally apply machine learning, which can identify suspicious behavior patterns that classic rules would miss.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Real-time response and alerting<\/h3>\n\n\n\n<p>SIEM tools continuously monitor the infrastructure and generate alerts when suspicious activity occurs. 
These are automatically ranked by severity, which helps teams focus on the most critical threats.<\/p>\n\n\n\n<p>Some SIEM platforms integrate with SOAR (Security Orchestration, Automation and Response) tools, which allows them to perform automated actions such as blocking an IP address or isolating a compromised device.<\/p>\n\n\n\n<p>SIEM also provides data for reconstructing the attack timeline, identifying affected systems and taking further steps to mitigate the impact of a security incident.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Threat intelligence integration<\/h3>\n\n\n\n<p>SIEM systems draw information not only from internal logs and events but also from external sources, typically databases of known threats (threat intelligence feeds). These sources provide up-to-date information on malicious IP addresses, domains, attack patterns and attacker tactics.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">IT compliance and audit requirements<\/h3>\n\n\n\n<p>Many sectors, such as finance or healthcare, are subject to stricter regulation through legislation or industry standards (<a href=\"https:\/\/logmanager.com\/cs\/?p=3680\">IT compliance<\/a>). 
As a result, regulated institutions must, for example, monitor, retain and report security incidents.<\/p>\n\n\n\n<p>In this respect, SIEM tools:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Record all security events and related logs for audit purposes.<\/li>\n\n\n\n<li>Make it possible to generate reports demonstrating compliance with GDPR, HIPAA, PCI DSS and other standards.<\/li>\n\n\n\n<li>Make it possible to detect undesirable behavior before a compliance violation occurs.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Better security visibility<\/h3>\n\n\n\n<p>SIEM platforms provide a centralized view of security activity in the organization. With real-time dashboards, security teams can follow logs, threat patterns and alerts in a single interface. 
Dashboards typically offer:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Real-time event monitoring<\/li>\n\n\n\n<li>Customizable reporting tools<\/li>\n\n\n\n<li>The option of detailed analysis of specific threats<\/li>\n<\/ul>\n\n\n\n<p>By consolidating data from multiple sources, SIEM tools eliminate blind spots and provide complete visibility into activity on the network, on endpoints and in cloud environments.<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"658\" src=\"https:\/\/logmanager.com\/wp-content\/uploads\/2025\/05\/port-scan-anomaly-detection-1024x658.png\" alt=\"port scan anomaly detection\" class=\"wp-image-3949\" srcset=\"https:\/\/logmanager.com\/wp-content\/uploads\/2025\/05\/port-scan-anomaly-detection-1024x658.png 1024w, https:\/\/logmanager.com\/wp-content\/uploads\/2025\/05\/port-scan-anomaly-detection-300x193.png 300w, https:\/\/logmanager.com\/wp-content\/uploads\/2025\/05\/port-scan-anomaly-detection-768x494.png 768w, https:\/\/logmanager.com\/wp-content\/uploads\/2025\/05\/port-scan-anomaly-detection.png 1167w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<p class=\"has-xs-font-size\"><em>Fig. 2: An anomaly, a high volume of network traffic. In this case it is a port scan. 
(Logmanager)<\/em><\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Resource optimization<\/h3>\n\n\n\n<p>SIEM helps security teams use their capacity more efficiently by automating routine tasks, providing information in context and automatically prioritizing incidents by importance.<\/p>\n\n\n\n<p>Instead of manually searching through hundreds of logs, analysts receive alerts about real threats, so they can focus on what matters.<\/p>\n\n\n\n<p>Through integration with SOAR tools, SIEM can make the response to security incidents even more efficient, because it enables fully automated or semi-automated interventions.<br>This reduces the need for large security teams and brings cost savings as well as faster responses to potential attacks. 
We cover SOAR systems in more detail in the following part of the article.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Challenges of implementing SIEM<\/h2>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"684\" src=\"https:\/\/logmanager.com\/wp-content\/uploads\/2025\/05\/what-is-siem-tool-illustration-1-1024x684.png\" alt=\"siem tool challanges img\" class=\"wp-image-3955\" srcset=\"https:\/\/logmanager.com\/wp-content\/uploads\/2025\/05\/what-is-siem-tool-illustration-1-1024x684.png 1024w, https:\/\/logmanager.com\/wp-content\/uploads\/2025\/05\/what-is-siem-tool-illustration-1-300x200.png 300w, https:\/\/logmanager.com\/wp-content\/uploads\/2025\/05\/what-is-siem-tool-illustration-1-768x513.png 768w, https:\/\/logmanager.com\/wp-content\/uploads\/2025\/05\/what-is-siem-tool-illustration-1-1536x1026.png 1536w, https:\/\/logmanager.com\/wp-content\/uploads\/2025\/05\/what-is-siem-tool-illustration-1-2048x1368.png 2048w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<p class=\"has-xs-font-size\"><a href=\"https:\/\/www.canva.com\/\" target=\"_blank\" rel=\"noreferrer noopener\">source<\/a><\/p>\n\n\n\n<p>SIEM brings organizations many benefits in security and IT compliance. However, introducing such a tool, configuring, managing and tuning it comes with certain challenges.<\/p>\n\n\n\n<p>Organizations should be aware above all of the following pitfalls.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Deployment is not plug and play<\/h3>\n\n\n\n<p>Implementing SIEM is not a trivial matter. 
It requires careful integration with data sources and configuration of settings so that logs are correctly collected, normalized and then correlated.<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Customization<\/strong>: Every organization has specific security needs, so alert rules and correlation logic have to be configured.<\/li>\n\n\n\n<li><strong>Integration<\/strong>: Connecting the SIEM to existing security tools, legacy systems or cloud services can be time-consuming.<\/li>\n\n\n\n<li><strong>Resource demands<\/strong>: Deployment usually requires the expertise of specialists from the vendor or integration partners, who set up log sources, adjust thresholds and tune out false positives.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Alert overload and false positives<\/h3>\n\n\n\n<p>One of the most common problems when using SIEM is security teams being flooded with large numbers of unprioritized alerts. 
Without proper tuning, the system can also produce false positive alerts.<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>A poorly configured SIEM generates an excess of alerts, which makes it harder to keep an overview and to identify real threats.<\/li>\n\n\n\n<li>Insufficient automation means analysts have to investigate even less serious incidents manually, which slows response times.<\/li>\n\n\n\n<li>Integration with threat intelligence is important for reducing false alarms and provides context for detected events.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Costs of the tool, its deployment and maintenance<\/h3>\n\n\n\n<p>The benefits SIEM brings can come with significant investment. Total costs vary depending on the chosen solution, the size of the infrastructure and specific requirements. Below we list several main cost items associated with implementing SIEM.<\/p>\n\n\n\n<p><strong>1. Licensing models and software costs<\/strong><\/p>\n\n\n\n<p>SIEM systems come with various licensing models. They are typically licensed by the volume of data transferred (GB\/day), by the number of events processed (EPS), or by the number of devices or users. Each model has its pros and cons when it comes to scaling.<\/p>\n\n\n\n<p><strong>2. 
Implementation, configuration and maintenance costs<\/strong><\/p>\n\n\n\n<p>The costs of installing, configuring and integrating a SIEM system vary depending on the complexity of the environment and the required features. Such systems also require regular maintenance, rule updates, system tuning and adaptation to new types of threats.<\/p>\n\n\n\n<p><strong>3. Hardware and infrastructure costs<\/strong><\/p>\n\n\n\n<p>SIEM costs also need to account for servers and storage, and possibly for modifications and extensions to the network infrastructure.<\/p>\n\n\n\n<p><strong>4. Personnel costs<\/strong><\/p>\n\n\n\n<p>Running SIEM 24\/7 often requires a team of security analysts. Besides personnel costs, you also need to account for the cost of training operators and other experts who will work with the system's outputs.<\/p>\n\n\n\n<p>Although SIEM has typically been a \u201clarge solution\u201d for enterprise customers, tools of this type now exist for medium-sized and smaller companies as well. These are more affordable, provide the necessary features and also stand out for being simpler to operate. 
Logmanager, for example, offers its lightweight <a href=\"https:\/\/logmanager.com\/cs\/reseni\/siem\/\">SIEM<\/a>.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">The need for qualified staff<\/h3>\n\n\n\n<p>Many companies struggle to manage SIEM solutions effectively because of a shortage of experienced specialists.<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>SIEM requires expert knowledge of network and system architecture, an understanding of logs and the analytical ability to recognize suspicious activity. Experience with security incident analysis, knowledge of threat intelligence and experience with incident response are an advantage.<\/li>\n\n\n\n<li>Recruiting in-house specialists with SIEM experience can be expensive and difficult given the shortage of cybersecurity professionals.<\/li>\n\n\n\n<li>Managed SIEM services or external Security Operations Center (SOC) services can help.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Data protection<\/h3>\n\n\n\n<p>SIEM tools collect and retain sensitive security logs, which calls for measures both for IT security and for meeting legal requirements.<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Logs must be protected against unauthorized access and insider threats.<\/li>\n\n\n\n<li>For regulatory compliance (IT compliance), encryption, proper retention and secure deletion of logs must be ensured in line with the applicable regulations.<\/li>\n\n\n\n<li>Multi-cloud environments 
complicate data management, as companies have to run SIEM across different jurisdictions and ensure management across platforms.<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\">SIEM vs. other security tools<\/h2>\n\n\n\n<p>SIEM is a very useful tool that provides an umbrella for security monitoring in the organization. Its capabilities can, however, be extended by integrating it with other security tools.<\/p>\n\n\n\n<p>Solutions such as SOAR (Security Orchestration, Automation and Response), XDR (Extended Detection and Response) or IDS\/IPS (Intrusion Detection System \/ Intrusion Prevention System) do partly overlap in function, but they can also simplify defense against threats, for example through advanced automation of incident response.<\/p>\n\n\n\n<p>Many organizations therefore combine SIEM with these tools, creating multi-layered protection that enables effective detection, analysis and response to threats.<\/p>\n\n\n\n<p>The following table summarizes the individual systems, their purpose, differences and functions.<\/p>\n\n\n\n<figure class=\"wp-block-table is-style-stripes\"><table class=\"has-fixed-layout\"><tbody><tr><td><\/td><td><strong>SIEM<\/strong><\/td><td><strong>SOAR<\/strong><\/td><td><strong>XDR<\/strong><\/td><td><strong>IDS\/IPS<\/strong><\/td><td><strong>Log Management<\/strong><\/td><\/tr><tr><td><strong>Main purpose<\/strong><\/td><td>Aggregation, correlation and analysis of logs and events.<\/td><td>Automated response to security events.<\/td><td>Detection of and response to incidents at the network and endpoint level.<\/td><td>Detection of 
intrusion attempts by known threats.<\/td><td>Collection, normalization and retention of logs for analysis.<\/td><\/tr><tr><td><strong>Threat detection<\/strong><\/td><td>Correlation of events to detect suspicious activity and anomalies.<\/td><td>Uses SIEM or other tools to automatically trigger incident response.<\/td><td>Analyzes data from endpoints and networks.<\/td><td>Detects and blocks suspicious network traffic.<\/td><td>Enables threat detection.<\/td><\/tr><tr><td><strong>Real-time response<\/strong><\/td><td>Limited capabilities, primary focus on alerting.<\/td><td>Yes, automates threat response.<\/td><td>Yes, automates threat response.<\/td><td>Yes, blocks threats as soon as they are detected.<\/td><td>No, primary focus on log retention and analysis.<\/td><\/tr><tr><td><strong>Forensic analysis<\/strong><\/td><td>Yes, retains log history for forensic analysis.<\/td><td>Provides minimal capabilities, relies on SIEM.<\/td><td>Limited capabilities, focuses on real-time threat detection.<\/td><td>Does not retain historical data, provides no analysis capabilities.<\/td><td>Yes, retains historical data and enables its analysis.<\/td><\/tr><tr><td><strong>Compliance &amp; Reporting<\/strong><\/td><td>Built-in features for IT compliance.<\/td><td>No direct relation to IT compliance.<\/td><td>Limited usefulness for IT compliance.<\/td><td>Not directly related to compliance.<\/td><td>Helps maintain regulatory compliance.<\/td><\/tr><tr><td><strong>Automation and 
orchestration<\/strong><\/td><td>Integrates with SOAR for automated response to events.<\/td><td>Provides fully automated incident response.<\/td><td>Automated detection and response.<\/td><td>Automated response capabilities \u2013 real-time blocking.<\/td><td>Automation of log collection and retention.<\/td><\/tr><tr><td><strong>Best suited for<\/strong><\/td><td>Organizations that want to strengthen their security, threat detection and visibility and ensure regulatory compliance.<\/td><td>Large enterprises that require automated incident response.<\/td><td>Organizations that prefer protection at the endpoint and network level.<\/td><td>Organizations that require protection against system intrusions.<\/td><td>Organizations that require a central solution for log collection and retention.<\/td><\/tr><\/tbody><\/table><\/figure>\n\n\n\n<p><\/p>\n\n\n\n<h3 class=\"wp-block-heading\">SIEM vs. SOAR<\/h3>\n\n\n\n<p>We have already mentioned SOAR briefly in this article. It is a tool for automating responses to security incidents based on alerts from the SIEM. Such a solution can then, for example, block an IP address, isolate a device or launch various workflows without the need for manual intervention.<\/p>\n\n\n\n<p>SIEM, by contrast, is designed to collect and analyze security logs, giving security specialists an overview of cyber threats and compliance risks. 
It helps identify potential security incidents by correlating data from different sources and triggers alerts based on predefined rules.<\/p>\n\n\n\n<p>Some SIEM platforms, however, now also offer automation features. Typically these include forwarding alerts, sending notifications and creating tickets in incident management systems. They can also trigger preconfigured automated responses, such as blocking a user's access or isolating a compromised device.<\/p>\n\n\n\n<p><strong>When to choose which solution?<\/strong><br>SOAR can complement SIEM and reduce manual workload. It is especially useful when your security team is overloaded with alerts and cannot respond to them in time.<\/p>\n\n\n\n<p>Larger companies often combine SIEM with SOAR for more effective incident response. SOAR can also be used on its own, however, for example in smaller organizations that do not need log management.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">SIEM vs. XDR (Extended Detection and Response)<\/h3>\n\n\n\n<p>XDR focuses on real-time threat detection at the endpoint and network level. It has integrated response capabilities and is therefore more automated. 
At the same time, such a solution is less customizable than SIEM.<\/p>\n\n\n\n<p>SIEM tools monitor a broader range of sources, including firewalls, endpoints, cloud environments and applications. Unlike XDR, they usually also allow analysis of historical data and creation of reports for compliance purposes.<\/p>\n\n\n\n<p><strong>When to choose which solution?<\/strong><br>Smaller security teams often prefer XDR, because it does not require complex configuration and offers automated responses essentially right after deployment.<\/p>\n\n\n\n<p>More heavily regulated sectors (e.g. finance, healthcare), in turn, benefit from SIEM thanks to its strong support for reporting and compliance.<\/p>\n\n\n\n<p>As with SOAR, large enterprises often combine both solutions. They use SIEM for forensic analysis and reporting, and XDR for fast threat detection on endpoints.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">SIEM vs. IDS\/IPS (Intrusion Detection\/Prevention Systems)<\/h3>\n\n\n\n<p>IDS\/IPS tools actively monitor network traffic in real time and can immediately block known (signature-based) threats as they occur. 
However, they do not retain historical data and are not a tool for analyzing security events.<\/p>\n\n\n\n<p>SIEM tools, by contrast, work with security events that already exist, identify attack patterns and correlate threats across different systems.<\/p>\n\n\n\n<p><strong>When to choose which solution?<\/strong><\/p>\n\n\n\n<p>If you need real-time threat detection and blocking, that is, the ability to block known attacks before they cause damage, an IDS\/IPS solution is the right fit.<\/p>\n\n\n\n<p>Use SIEM if you require a comprehensive security overview, reporting for compliance purposes and advanced threat correlation.<\/p>\n\n\n\n<p>In most cases, however, a combination of both solutions makes sense. IDS\/IPS provides immediate response and blocking, while SIEM offers deeper forensic analysis and a long-term view of the security situation. For example, if a company uses IDS\/IPS to detect a brute-force attack and blocks the attacker's IP address, the SIEM system then links this activity to recent login attempts on another server, revealing a broader coordinated attack that would otherwise go unnoticed.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">SIEM vs. log management<\/h3>\n\n\n\n<p><a href=\"https:\/\/logmanager.com\/cs\/blog\/log-management\/log-management-best-practices\/\">Log management<\/a> tools focus on collecting, storing and organizing logs. 
They are primarily used for searching and archiving records for the purposes of detecting threats and operational problems, regulatory compliance and forensic analysis. However, they usually lack built-in advanced security features, for example for event correlation.<\/p>\n\n\n\n<p>SIEM systems go further: they collect and analyze logs in real time, correlate events and use threat intelligence and behavioral analysis to detect cyber threats and help resolve them.<\/p>\n\n\n\n<p><strong>Which solution should you choose?<\/strong><\/p>\n\n\n\n<p>A <a href=\"https:\/\/logmanager.com\/cs\/reseni\/log-management\/\">log management platform<\/a> is suitable if you are looking for a simple and affordable solution for storing, searching and basic analysis of logs as part of threat detection, incident investigation, system debugging and meeting IT compliance requirements.<\/p>\n\n\n\n<p>SIEM is more suitable if you need advanced correlation of data and events from multiple sources, real-time threat detection and immediate alerts that allow security teams to respond to incidents faster and more effectively.<\/p>\n\n\n\n<p>Alternatively, you can choose <a href=\"https:\/\/logmanager.com\/cs\/reseni\/siem\/\">lightweight SIEM solutions<\/a>, such as Logmanager, which combine the accessibility and simplicity of log management tools with key SIEM features. 
They are therefore an ideal choice for small and medium-sized organizations.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Modern trends in SIEM systems<\/h2>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"681\" src=\"https:\/\/logmanager.com\/wp-content\/uploads\/2025\/05\/what-is-siem-illustration-2-1024x681.png\" alt=\"What is a SIEM tool illustration 2\" class=\"wp-image-3922\" srcset=\"https:\/\/logmanager.com\/wp-content\/uploads\/2025\/05\/what-is-siem-illustration-2-1024x681.png 1024w, https:\/\/logmanager.com\/wp-content\/uploads\/2025\/05\/what-is-siem-illustration-2-300x199.png 300w, https:\/\/logmanager.com\/wp-content\/uploads\/2025\/05\/what-is-siem-illustration-2-768x511.png 768w, https:\/\/logmanager.com\/wp-content\/uploads\/2025\/05\/what-is-siem-illustration-2.png 1307w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<p class=\"has-xs-font-size\"><a href=\"https:\/\/www.canva.com\/\" target=\"_blank\" rel=\"noreferrer noopener\">source<\/a><\/p>\n\n\n\n<p>Cyber threats are constantly changing, and SIEM systems have to adapt accordingly. In practice, security teams today face attacks generated with the help of artificial intelligence, more complex IT infrastructures and the growing volumes of data these infrastructures generate. Trends in SIEM systems therefore try to find an answer to these challenges.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Artificial intelligence and machine learning for smarter threat detection<\/h3>\n\n\n\n<p>Traditional SIEM systems rely on predefined rules for threat detection. 
Modern cyberattacks, however, constantly change their form and tactics (attack vectors). SIEMs are thus effective against most threats, but the segment of threats they have to adapt to is growing as well.<\/p>\n\n\n\n<p>This is where machine learning and artificial intelligence can help. The application of AI in SIEM systems is promising above all in the following areas:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Real-time anomaly recognition. Anomaly detection tools already exist today; incorporating machine learning will allow SIEMs to detect and subsequently respond faster.<\/li>\n\n\n\n<li>Reducing the number of false positives, which lets teams focus on real threats.<\/li>\n\n\n\n<li>Predicting new attacks by analyzing past incidents and recognizing patterns before escalation occurs.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Automated threat response<\/h3>\n\n\n\n<p>Modern SIEM solutions increasingly include automation in order to reduce manual intervention and speed up threat response. 
Automation helps security teams act without delay, increases efficiency and reduces risk.<\/p>\n\n\n\n<p>Current SIEM systems offer built-in automation features or integrate with external tools such as SOAR.<\/p>\n\n\n\n<p>Thanks to this, they can:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Trigger automatic responses, such as blocking malicious IP addresses or isolating compromised devices.<\/li>\n\n\n\n<li>Use AI to prioritize alerts and carry out preset security actions without human intervention.<\/li>\n\n\n\n<li>Simplify incident resolution processes so that analysts can focus on more complex investigations instead of routine tasks.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">SIEM for small and medium-sized businesses (SMB)<\/h3>\n\n\n\n<p>SIEM used to be considered too complex and expensive for smaller companies, but modern solutions now make its features available to a wider range of organizations thanks to the following advantages:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>A pricing model based on actual usage instead of high upfront investments.<\/li>\n\n\n\n<li>Simplified deployment. 
With preconfigured parsers, dashboards and no-code customization options that require only minimal manual configuration, SIEMs are more accessible even to smaller IT teams.<\/li>\n\n\n\n<li>Automated security monitoring, which allows smaller IT teams to handle threats even without a full-fledged security operations center (SOC).<\/li>\n<\/ul>\n\n\n\n<p>Because cyber threats today target companies of all sizes, small and medium-sized businesses are also starting to deploy SIEM solutions. We cover this topic in more detail in our blog post on <a href=\"https:\/\/logmanager.com\/cs\/blog\/log-management\/siem-vs-log-management-srovnani-smb\/\">SIEM vs log management<\/a> in small and medium-sized companies.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">5 things to consider when choosing a SIEM tool<\/h2>\n\n\n\n<p>Choosing the right SIEM solution can be challenging, because companies have to find a balance between security requirements, compliance requirements and operating costs.<\/p>\n\n\n\n<p>In general, the choice of a suitable SIEM depends on the size of the organization, available IT resources and security priorities:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Small companies and startups: Lightweight SIEM solutions with automation help reduce the IT administration burden.<\/li>\n\n\n\n<li>Medium-sized organizations: Scalable SIEM solutions with good integration 
support allow for future growth.<\/li>\n\n\n\n<li>Large enterprises: On-premise SIEM systems offer full customization and a high level of security, but require dedicated security teams.<\/li>\n<\/ul>\n\n\n\n<p>With such a wide range on the market, however, many organizations are unsure which SIEM solution best fits their infrastructure and capabilities. Some companies also make the mistake of choosing a tool based on features alone, without taking scalability, user-friendliness and long-term costs into account.<\/p>\n\n\n\n<p>Let's take a brief look at what to consider when choosing a SIEM system.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">1. Scalability and data handling<\/h3>\n\n\n\n<p>SIEM platforms process huge volumes of data, so the ability to scale is key.<\/p>\n\n\n\n<p>Focus therefore on:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Log processing capacity<\/strong>. Can the SIEM handle a growing volume of data without an impact on performance?<\/li>\n\n\n\n<li><strong>Data retention policies<\/strong>. Does the SIEM allow long-term data storage for compliance and forensic analysis purposes?<\/li>\n\n\n\n<li><strong>Cloud vs. on-premise deployment<\/strong>. Do you need a fully managed SIEM in the cloud, or is an on-premise solution necessary because of data protection, security or regulatory requirements?<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">2. 
Integration with existing security tools<\/h3>\n\n\n\n<p>A SIEM should work seamlessly with your existing security infrastructure, and should therefore:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Be able to collect data from different parts of the IT environment, firewalls, endpoints, networks and applications.<\/li>\n\n\n\n<li>Support the integration of threat intelligence feeds for more accurate threat detection.<\/li>\n\n\n\n<li>Allow integration with SOAR for automated incident response.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">3. User-friendliness and automation<\/h3>\n\n\n\n<p>A SIEM only makes sense if the security team can use it effectively. So consider:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>User interface. Does the SIEM let analysts easily visualize events of interest and trends? Is it easy to navigate, and how easy is it to customize the SIEM's outputs?<\/li>\n\n\n\n<li>Automated alert triage. Does the SIEM help reduce false positives and prioritize real threats?<\/li>\n\n\n\n<li>Preconfigured detection rules vs. manual configuration. Does the SIEM offer ready-made security rules, or do they have to be created from scratch?<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">4. Cost<\/h3>\n\n\n\n<p>The price of a SIEM solution varies according to log volume, deployment type and available features. 
Focus on:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Licensing models: Some SIEMs charge by the amount of logs processed, others offer flat fees.<\/li>\n\n\n\n<li>Operating costs: An on-premise SIEM requires hardware and dedicated staff, while cloud solutions usually have lower overhead costs.<\/li>\n\n\n\n<li>Managed SIEM services: Outsourcing SIEM management can reduce costs and relieve internal teams.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">5. Compliance and reporting capabilities<\/h3>\n\n\n\n<p>If your industry is subject to strict regulation, choose a SIEM that:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Lets you set up compliance reports to demonstrate compliance with, for example, GDPR, HIPAA or PCI DSS.<\/li>\n\n\n\n<li>Supports audit logs and forensic analysis.<\/li>\n\n\n\n<li>Includes real-time compliance monitoring to detect potential regulatory violations.<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\">Get an overview of your IT security<\/h2>\n\n\n\n<p>SIEM is a powerful tool, but finding the right solution for a particular organization requires careful planning. 
Whether you want to improve threat detection, meet compliance requirements or take some load off your security team, a well-implemented SIEM can help significantly.<\/p>\n\n\n\n<p>At Logmanager, we help companies gain an overview of their IT security with a user-friendly SIEM solution that is available as a virtual appliance and offers all the necessary features, easy management and scalability. And all that without unnecessary complexity. Try out our<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Learn how SIEM works and what its role is among security tools.<\/p>\n","protected":false},"author":4,"featured_media":3962,"parent":0,"template":"","learning_hub_tag":[],"class_list":["post-7169","learning_hub","type-learning_hub","status-publish","has-post-thumbnail","hentry"],"acf":[],"_links":{"self":[{"href":"https:\/\/logmanager.com\/cs\/wp-json\/wp\/v2\/learning_hub\/7169","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/logmanager.com\/cs\/wp-json\/wp\/v2\/learning_hub"}],"about":[{"href":"https:\/\/logmanager.com\/cs\/wp-json\/wp\/v2\/types\/learning_hub"}],"author":[{"embeddable":true,"href":"https:\/\/logmanager.com\/cs\/wp-json\/wp\/v2\/users\/4"}],"version-history":[{"count":1,"href":"https:\/\/logmanager.com\/cs\/wp-json\/wp\/v2\/learning_hub\/7169\/revisions"}],"predecessor-version":[{"id":7171,"href":"https:\/\/logmanager.com\/cs\/wp-json\/wp\/v2\/learning_hub\/7169\/revisions\/7171"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/logmanager.com\/cs\/wp-json\/wp\/v2\/media\/3962"}],"wp:attachment":[{"href":"https:\/\/logmanager.com\/cs\/wp-json\/wp\/v2\/media?parent=7169"}],"wp:term":[{"taxonomy":"learning_hub_tag","embeddable":true,"href":"https:\/\/logmanager.com\/cs\/wp-
json\/wp\/v2\/learning_hub_tag?post=7169"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}