FortiSIEM Collector VM is used for data collection in AWS environments. FortiSIEM is a highly scalable multi-tenant Security Information and Event Management (SIEM) solution that provides real time infrastructure and user awareness for accurate threat detection, analysis and reporting. FortiSIEM first discovers the infrastructure including devices, applications, users in physical / virtual, on-premise / cloud environments and auto-populates a Configuration Management Database (CMDB). It then collects various pieces of information such as logs, traffic flows, performance metrics, configuration changes and correlates them in real time to detect security and performance issues. FortiSIEM has built-in integrations with over 350 devices and applications for data collection, major external threat intelligence sources, major ticketing systems and supports all major compliance requirements. FortiSIEM has a purpose built software architecture that can scale collection, real time correlation and reporting by incrementally adding virtual appliances without any down time.