New article on SANS covering SIEM. It talks about log collection in general, focusing specifically on open source approaches. It mentions an excellent Linux security distro: Security Onion.