SIMS: Solution, or Part of the Problem?

The author evaluates security information management systems, or SIMS, which promise to solve a serious network security problem: log analysis. The idea behind log analysis is that if you can read the log messages in real time, you can figure out what the attacker is doing. And if you can respond fast enough, you can kick him out before he does damage.