Commit 4d4ff40

Update _posts/2025-03-05-OpenSearch-as-a-SIEM-Solution.md
Co-authored-by: Nathan Bower <[email protected]>
Signed-off-by: DattellConsulting <[email protected]>
1 parent 1acb9ee commit 4d4ff40

File tree: 1 file changed (+1 -1 lines changed)

1 file changed

+1
-1
lines changed

_posts/2025-03-05-OpenSearch-as-a-SIEM-Solution.md

@@ -58,7 +58,7 @@ OpenSearch's search capabilities also enable ad hoc log analysis and threat hunt
5858
### <u>Event correlation</u>
5959
OpenSearch can also perform cross-source event correlation. Even outside of the automated correlation engine for alerts, an analyst can manually cross-correlate by querying for related identifiers. For instance, after spotting an unusual login in authentication logs, an analyst might search the VPN logs and DNS logs for the same user or IP address around that time. This process is facilitated by the SIEM having all logs indexed in one system.
6060

61-
OpenSearchs ability to search multiple indices and correlate events from different data sources helps analysts identify the root cause of an incident. If a security incident involved data exfiltration, an analyst could correlate VPN access logs, server file access logs, and external network traffic logs to see exactly what was accessed and where it was sent.
61+
OpenSearch's ability to search multiple indexes and correlate events from different data sources helps analysts identify the root cause of an incident. If a security incident involved data exfiltration, an analyst could correlate VPN access logs, server file access logs, and external network traffic logs to see exactly what was accessed and where it was sent.
6262

6363

6464

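Review bot: The "indices" → "indexes" change on line 61 is a terminology choice, not a correctness fix, and because this commit touches only this one line (+1/-1), any other occurrence of "indices" elsewhere in the post is now inconsistent with it; it is worth searching the file and applying the same term throughout. The possessive fix ("OpenSearchs" → "OpenSearch's") is correct as written. Separately, the unchanged context line `### <u>Event correlation</u>` uses a raw HTML `<u>` tag inside a Markdown heading, which is outside this change but worth a follow-up if the site's other headings do not use it.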