
A SIEM deployment project focused on log analysis, threat detection, and security monitoring using Wazuh, ELK Stack, and correlation rules.


RegularGeek/SIEM-Deployment-Threat-Detection-Wazuh-ELK-Log-Analysis


SIEM Deployment & Threat Detection

📜 Overview

Deployed a SIEM solution (Wazuh/ELK/Graylog) to monitor security logs, detect threats, and respond to incidents.

πŸ› οΈ Tools Used

  • Wazuh
  • ELK Stack (Elasticsearch, Logstash, Kibana)
  • Graylog (Optional)
  • Splunk Free (Optional for demo)

πŸ” Process

  1. Set up SIEM server.
  2. Configure log collection from endpoints, firewalls, and servers.
  3. Develop correlation rules for brute force, malware, and lateral movement.
  4. Build dashboards for threat monitoring.
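To make step 3 concrete, the following is an added example of a brute-force correlation rule, written here for illustration; it is not code from this repository, and the log lines, source addresses, threshold and window are constructed assumptions. Two rules run over OpenSSH-style sshd lines: an alert when one source produces at least `threshold` failed logins inside a sliding `window`, and a higher-severity alert when a login from that source then succeeds within the same window (the pattern that matters most to a responder).

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample auth.log-style lines (not the project's sample-log-data.json).
# 203.0.113.7 fails five times in a few seconds and then succeeds as root;
# 198.51.100.4 fails twice, far apart; 192.0.2.10 is an ordinary successful login.
SAMPLE_LOG = """\
2024-01-15T10:00:01 host1 sshd[1201]: Failed password for invalid user admin from 203.0.113.7 port 51012 ssh2
2024-01-15T10:00:03 host1 sshd[1202]: Failed password for root from 203.0.113.7 port 51013 ssh2
2024-01-15T10:00:04 host1 sshd[1203]: Failed password for root from 203.0.113.7 port 51014 ssh2
2024-01-15T10:00:05 host1 sshd[1204]: Accepted password for alice from 192.0.2.10 port 40022 ssh2
2024-01-15T10:00:06 host1 sshd[1205]: Failed password for root from 203.0.113.7 port 51015 ssh2
2024-01-15T10:00:08 host1 sshd[1206]: Failed password for invalid user test from 203.0.113.7 port 51016 ssh2
2024-01-15T10:00:09 host1 sshd[1207]: Failed password for root from 198.51.100.4 port 60001 ssh2
2024-01-15T10:00:15 host1 sshd[1208]: Accepted password for root from 203.0.113.7 port 51017 ssh2
2024-01-15T10:05:00 host1 sshd[1209]: Failed password for root from 198.51.100.4 port 60002 ssh2
"""

# Decoder for the two sshd event shapes we care about; anything else is ignored.
LINE_RE = re.compile(
    r"^(?P<ts>\S+) (?P<host>\S+) sshd\[\d+\]: "
    r"(?P<outcome>Failed|Accepted) password for (?:invalid user )?(?P<user>\S+) "
    r"from (?P<src>\S+) port \d+"
)


def parse_line(line):
    """Return a dict with ts/host/outcome/user/src, or None if the line is not an sshd auth event."""
    m = LINE_RE.match(line)
    if not m:
        return None
    ev = m.groupdict()
    ev["ts"] = datetime.fromisoformat(ev["ts"])
    return ev


def correlate(lines, threshold=5, window=timedelta(seconds=60)):
    """Run the two correlation rules over an iterable of log lines and return the alerts in order.

    Rule 1 (ssh_brute_force): >= threshold failures from one source within `window`.
    Rule 2 (ssh_brute_force_success): a successful login from a source that triggered
    rule 1 within the last `window`. Lines are assumed to arrive in time order.
    """
    failures = defaultdict(deque)   # src -> timestamps of recent failures (sliding window)
    flagged = {}                    # src -> time of its last brute-force alert
    alerts = []
    for line in lines:
        ev = parse_line(line)
        if ev is None:
            continue                # a real SIEM would hand this to other decoders
        src, ts = ev["src"], ev["ts"]
        if ev["outcome"] == "Failed":
            recent = failures[src]
            recent.append(ts)
            while recent and ts - recent[0] > window:   # drop failures older than the window
                recent.popleft()
            if len(recent) >= threshold:
                alerts.append({"rule": "ssh_brute_force", "src": src,
                               "count": len(recent), "ts": ts})
                flagged[src] = ts
                recent.clear()      # the next alert needs another `threshold` failures
        else:
            last = flagged.get(src)
            if last is not None and ts - last <= window:
                alerts.append({"rule": "ssh_brute_force_success", "src": src,
                               "user": ev["user"], "ts": ts})
    return alerts


if __name__ == "__main__":
    for alert in correlate(SAMPLE_LOG.splitlines()):
        print(alert)
```

On the sample above this yields one `ssh_brute_force` alert for 203.0.113.7 (five failures within seven seconds) followed by an `ssh_brute_force_success` alert for the root login from the same address; the two spaced-out failures from 198.51.100.4 never reach the threshold. The same frequency-then-success structure is what a production rule (in Wazuh or Logstash) expresses declaratively; tuning `threshold` and `window` against your own baseline is what keeps the dashboard from filling with noise.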

📊 Results

  • Detected multiple test attacks from simulated tools.
  • Enhanced visibility into network activity.

📂 Files

  • siem-architecture.png
  • sample-log-data.json
  • correlation-rules.yaml
  • dashboards-screenshot.png
  • SIEM-deployment-guide.md
