Match the SIEM function with the description.

This is focusing on the functions of a Security Information and Event Management (SIEM) system. SIEM systems are used for real-time analysis of security alerts generated by applications and network hardware.

1. Normalization: Maps log messages from different systems into a common data model.
2. Correlation: Links logs and events from disparate systems or applications, speeding detection of and reaction to security threats.
3. Aggregation: Reduces the volume of event data by consolidating duplicate event records.