Project Overview
Building an Elastic Security Information and Event Management (SIEM) environment from the ground up to monitor logs, detect suspicious behavior, and simulate real-world attacker activity in an isolated lab network.
Key Features
- Full deployment of the Elastic Stack (Elasticsearch, Logstash, Kibana).
- Ingestion of network traffic, endpoint logs, and authentication events, shipped with Winlogbeat (Windows event logs) and Filebeat (file-based logs).
- Custom-built Kibana dashboards visualizing key metrics and threat intelligence.
- Simulated attack scenarios using Kali Linux and Atomic Red Team.
- Custom alert thresholds and detection rules targeting specific adversary tactics and techniques.
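The kind of threshold rule the last bullet refers to can be prototyped outside Kibana before it is turned into a detection rule. The following is an added example, not code from this project: it replays constructed Winlogbeat-style Windows Security events (event.code 4625 = failed logon, 4624 = successful logon) through a sliding-window detector that raises a medium-severity alert when one source IP produces five failed logons within five minutes, and a high-severity alert if a successful logon from that source follows while the failures are still inside the window. The field names mirror what Winlogbeat emits under `winlog.event_data`; the sample events, the window and the threshold are assumptions chosen for illustration.

```python
"""Threshold-based failed-logon detection over Winlogbeat-style events.

Added example, not code from the project described on this page. The sample
events are constructed to mimic the fields Winlogbeat ships for Windows
Security events; the window and threshold are assumptions for illustration.
"""
import json
from collections import defaultdict, deque
from datetime import datetime, timedelta

FAIL_THRESHOLD = 5             # failed logons from one source IP ...
WINDOW = timedelta(minutes=5)  # ... within this sliding window


def _event(ts, code, user, ip):
    """Build one constructed Winlogbeat-like JSON document (sample data only)."""
    return json.dumps({
        "@timestamp": ts,
        "event": {"code": code},
        "winlog": {"event_data": {"TargetUserName": user, "IpAddress": ip}},
    })


# Constructed sample log: one stale failure (outside the window), five
# failures inside the window, then a success for the same account and
# source; plus two harmless failures from another host.
SAMPLE_LOG = [
    _event("2024-03-10T11:40:00Z", "4625", "alice", "10.0.0.5"),
    _event("2024-03-10T12:00:00Z", "4625", "alice", "10.0.0.5"),
    _event("2024-03-10T12:00:10Z", "4625", "alice", "10.0.0.5"),
    _event("2024-03-10T12:00:20Z", "4625", "alice", "10.0.0.5"),
    _event("2024-03-10T12:00:30Z", "4625", "alice", "10.0.0.5"),
    _event("2024-03-10T12:00:40Z", "4625", "alice", "10.0.0.5"),
    _event("2024-03-10T12:01:00Z", "4624", "alice", "10.0.0.5"),
    _event("2024-03-10T12:02:00Z", "4625", "bob", "10.0.0.9"),
    _event("2024-03-10T12:02:30Z", "4625", "bob", "10.0.0.9"),
]


def parse_event(line):
    """Extract timestamp, event code, target user and source IP from one document."""
    doc = json.loads(line)
    data = doc["winlog"]["event_data"]
    return {
        "ts": datetime.fromisoformat(doc["@timestamp"].replace("Z", "+00:00")),
        "code": doc["event"]["code"],
        "user": data["TargetUserName"],
        "ip": data["IpAddress"],
    }


def detect_brute_force(lines, threshold=FAIL_THRESHOLD, window=WINDOW):
    """Return alerts for sources exceeding the failed-logon threshold in the window."""
    failures = defaultdict(deque)  # source IP -> timestamps of recent 4625s
    reported = set()               # IPs already raised at medium severity
    alerts = []
    for ev in sorted((parse_event(l) for l in lines), key=lambda e: e["ts"]):
        recent = failures[ev["ip"]]
        while recent and ev["ts"] - recent[0] > window:
            recent.popleft()       # expire failures older than the window
        if ev["code"] == "4625":
            recent.append(ev["ts"])
            if len(recent) >= threshold and ev["ip"] not in reported:
                reported.add(ev["ip"])
                alerts.append({"rule": "failed_logon_threshold", "severity": "medium",
                               "source_ip": ev["ip"], "failures": len(recent),
                               "at": ev["ts"].isoformat()})
        elif ev["code"] == "4624" and len(recent) >= threshold:
            # A success while the failure burst is still in the window is the
            # signal a defender cares most about: the guessing likely worked.
            alerts.append({"rule": "success_after_failures", "severity": "high",
                           "source_ip": ev["ip"], "user": ev["user"],
                           "failures": len(recent), "at": ev["ts"].isoformat()})
    return alerts


if __name__ == "__main__":
    for alert in detect_brute_force(SAMPLE_LOG):
        print(json.dumps(alert))
```

Running the script prints two alerts: the medium one fires on the fifth in-window failure from 10.0.0.5 (the 11:40 failure is expired and not counted), and the high one fires on the 12:01 success; the two failures from 10.0.0.9 stay below the threshold. The same logic maps onto a Kibana threshold rule over `event.code:4625` grouped by the source address field, with the success-after-failures case expressed as a sequence rule; prototyping it this way lets the threshold and window be tuned against captured lab data before the rule goes live.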
Technologies Used
Elasticsearch
Kibana
Logstash
Windows Server
Kali Linux