You are required to configure a solution for real-time analysis of logs from several Compute Engine instances. The solution must automatically escalate any anomalies detected in the logs to the security team. Which approach should you take to set up this process efficiently?