SIEM needs the ability to send alerts based on specific Queries setup. For, example send a alert or ticket when the admin account for a firewall is signed into