Good security strategies include real-time event log monitoring for critical security incidents and periodic analysis of security-relevant logs. This enables you to detect suspicious activity and respond quickly. Monitor security-relevant policies, mechanisms (e.g., authentication, authorization, etc.), activity (e.g., privileged user activity) and applications (e.g., IDS, IPS, firewall, etc.) in real time.