SIEM stands for Security Information and Event Management, and is also generally referred to as Information Security Threat and Event Management. It is a passive prevention system that alerts and guides information system administrators by establishing meaningful relationships, according to defined rules, between the logs collected from all the devices in the system room (firewall, IDS, IPS, active device logs, system logs, application logs, etc.).

What benefits does SIEM provide to the operator?
SIEM is powerful software deployed within an enterprise's network.
Intrusion Detection Systems (IDS) understand only packets, protocols and IP addresses. End-user security systems (Endpoint Security) see files, user names, and hosts. Your service logs show user logins, service activity, and configuration changes. Asset Management systems see applications, business processes, and owners. But none of these systems alone can tell you how your business is doing in terms of ensuring the continuity of its own business processes. Together, through SIEM, that can be achieved.
With SIEM, businesses benefit in the following ways:

 Logs are collected in one central place. SIEM combines the information contained in existing systems and provides analysis and cross-referencing from a single interface.
 Active monitoring is achieved by correlating the centrally collected logs and running any desired set of rules against them.
 More meaningful conclusions can be drawn than the insight gained when each system's logs are examined separately. That is, events from different sources can be combined and compared to describe behavior patterns that are invisible on a single device.
 Collected logs can also be matched to your business-specific information.
 Correlation (the correlation engine) allows you to automate the detection of anomalies that should not occur in your network.
 Your network generates and stores a very large amount of data every day. You cannot hire enough people to read every line of these logs looking for bad things.
 SIEM lets people access meaningful information from the logs the systems produce, without giving them access to the systems themselves.
 SIEM automatically searches through security events and asset information to alert you about events in your infrastructure, giving you a starting point for human analysis within a day's worth of data.
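
The correlation described in the list above, as an added example that is not part of the original article: one rule joins IDS alerts, service logs and asset information to surface a pattern that no single source shows. All data, field names and the 10-minute window are constructed assumptions.

```python
from datetime import datetime, timedelta

# Constructed sample data: every field name and value below is an assumption.
IDS_ALERTS = [  # the IDS sees only packets, protocols and IP addresses
    {"time": "2024-05-01T10:00:05", "src_ip": "203.0.113.7",
     "dst_ip": "10.0.0.20", "signature": "SSH brute force"},
    {"time": "2024-05-01T11:30:00", "src_ip": "198.51.100.9",
     "dst_ip": "10.0.0.30", "signature": "Port scan"},
]
SERVICE_LOGS = [  # service logs see user logins
    {"time": "2024-05-01T10:03:40", "host": "10.0.0.20", "user": "svc_backup",
     "src_ip": "203.0.113.7", "event": "login_success"},
    {"time": "2024-05-01T10:04:00", "host": "10.0.0.20", "user": "alice",
     "src_ip": "10.0.0.55", "event": "login_success"},
    {"time": "2024-05-01T13:00:00", "host": "10.0.0.30", "user": "bob",
     "src_ip": "198.51.100.9", "event": "login_success"},
]
ASSETS = {  # asset management sees business processes and owners
    "10.0.0.20": {"name": "db-payroll", "process": "Payroll", "owner": "finance-it"},
    "10.0.0.30": {"name": "web-intranet", "process": "Intranet", "owner": "corp-it"},
}

def correlate(ids_alerts, service_logs, assets, window=timedelta(minutes=10)):
    """Rule: an IDS alert against a host, followed within `window` by a
    successful login on that host from the same source IP."""
    findings = []
    for alert in ids_alerts:
        t_alert = datetime.fromisoformat(alert["time"])
        for log in service_logs:
            delay = datetime.fromisoformat(log["time"]) - t_alert
            if (log["event"] == "login_success"
                    and log["host"] == alert["dst_ip"]
                    and log["src_ip"] == alert["src_ip"]
                    and timedelta(0) <= delay <= window):
                asset = assets.get(alert["dst_ip"], {})  # may be unregistered
                findings.append({
                    "signature": alert["signature"], "src_ip": alert["src_ip"],
                    "user": log["user"], "delay_s": int(delay.total_seconds()),
                    "asset": asset.get("name", "unknown"),
                    "process": asset.get("process", "unknown"),
                    "owner": asset.get("owner", "unknown"),
                })
    return findings

if __name__ == "__main__":
    for finding in correlate(IDS_ALERTS, SERVICE_LOGS, ASSETS):
        print(finding)
```

With the sample data, only the login by svc_backup is reported: the login from bob falls outside the window, and the login by alice comes from a different source address.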

SIEM is only as useful as the information you put into it.
SIEM is nothing more than a management layer over your existing systems and security controls.
It combines the information contained in existing systems, allowing them to be analyzed and cross-referenced from a single interface.