What on Earth is a SIEM anyway?
A SIEM is a monitoring system that collects and aggregates logs. The abbreviation means:
Security Information and Event Management System.
It is a critical component in the security infrastructure of any company.
But why should you care about SIEM for your HomeLab at all?
That is a very good question, and it has one simple answer.
In your (current or next) job you will need monitoring for your company's infrastructure.
How do you learn that?
By building a SIEM for your HomeLab.
Today – How to SIEM @ HomeLab
Step by Step:
- Decide if you want to use Docker/Containers or not
- Choose SIEM software
We will go through the installation process of @wazuh as our SIEM, without containers, today.
Next we need a VM to run the SIEM (@wazuh) – Ubuntu Server 22.04 LTS is our #1 choice.
get it here: