egorfine 11 hours ago
Do I get it right that, translated from marketingspeak, it means "log viewer with backend"?
whizzter 10 hours ago
I understand it more as a tool so that multiple people collaborating on investigating a hack/data breach/etc. can audit/tag events in the interesting logs (ssh logins, weird executables starting, network probes, etc.) from various sources and get a _combined timeline_ to more easily determine adversary movement, cause and effect, and so on, to more easily find what needs patching, etc.