sameersuchdeve/wazuh-home-siem-lab

GitHub: sameersuchdeve/wazuh-home-siem-lab


# Wazuh Home SIEM Lab

## Overview

This project involved building a home SIEM lab using Wazuh, Ubuntu Linux, Windows 11, and Oracle VirtualBox. The environment was designed to simulate enterprise security monitoring by centralizing logs and monitoring endpoint activity across Linux and Windows systems.

## Architecture

```
   Wazuh Manager (Ubuntu VM)
               ↑
         ┌─────┴─────┐
         │           │
     Ubuntu VM   Windows 11 VM
```

## Technologies Used

- Wazuh
- Ubuntu Linux
- Windows 11
- Oracle VirtualBox
- Wazuh Agents

## Features

- Centralized log monitoring
- Linux endpoint monitoring
- Windows endpoint monitoring
- Security event visibility
- Endpoint log collection

## Skills Demonstrated

- SIEM deployment
- Log analysis
- Endpoint monitoring
- Linux administration
- Windows monitoring
- Security operations workflows

## Future Improvements

- Add Sysmon integration
- Configure custom detection rules
- Simulate attack scenarios
- Add threat intelligence feeds

## Screenshots

### Wazuh Dashboard

![Dashboard](https://static.pigsec.cn/wp-content/uploads/repos/2026/06/1ed9e50c52083246.png)

### Active Agents

![Agents](https://static.pigsec.cn/wp-content/uploads/repos/2026/06/ebec07ae6e083247.png)

### Windows Endpoint

![Windows Endpoint](https://static.pigsec.cn/wp-content/uploads/repos/2026/06/6fc0690b0d083248.png)

### Ubuntu Endpoint

![Ubuntu Endpoint](https://static.pigsec.cn/wp-content/uploads/repos/2026/06/df60371c1e083249.png)