This talk is about building a foundation for a Security Operation Center in terms of logging infrastructure.The main focus is on scaling out your logging infrastructure to handle huge volumes that traditional tools can not handle anymore, showing best practice, tools, and designs, all based on real.