The article presents elementary and complex computer attacks models, information security events and incidents models, and also describes software tool for information security incident management systems (SIEM systems) simulation testing, implemented as a complex computer attacks generator. It is designed to carry out a targeted attack on the nodes of the network infrastructure controlled by the SIEM system. Complex computer attacks that created in the form of network traffic are described by a scenario, the execution of which allows us to evaluate the capabilities of SIEM to identify a wide range of information security threats - impacts on files, installation of remote administration utilities, changes in system configuration parameters, etc.