With the SIEM, I would really like to see the ability to injest logs from syslog sources and from various devices. Such as Ubiquiti, pfSense, fortigate, and other firewalls/switches. Also other devices would be good such as printers and IoT devices.
While these can generate a lot of noise, if we know how to best configure we can filter the noise out prior to shipping them to you.