We currently have a set of microservice.
We would like to log all HTTP Requests using the Elastic Common Schema (ECS).
Since Elastic propose a SIEM (known as Elastic SIEM), would it make sense to display these data in SIEM? Since it's possible to add a custom index pattern to the SIEM interface.
We like the mapping approach, cases managements, etc.
However, it seems like SIEM is more for "security" at hardware/host level.