The main difference between a Security Event Management (SEM) system and a log management system is that SEM systems are useful for log collection, collation and analysis

A.
In real time

B.
For historical purposes

C.
For admissibility in court

D.
In discerning patterns

Explanation:
A: Security event management (SEM) solutions are intended to provide a common platform for log collection, collation, and analysis in real-time to allow for more eff ective and effi cient response. Log management systems are similar in that, they also collect logs and provide the ability to report against them, although their focus tends to be on the historical analysis of log information, rather than real-time analysis. Th ey may be combined with SEM solutions to provide both historical and real-time functions. Evidence collections for admissibility in court and pattern discernment are not real-time functions.
Page 563.