July 8, 2021

Best free/easy-to-setup SIEM?

I’m currently a sysadmin for a small university and I’m trying to pivot into a more cybersecurity-focused role. Our administration is security conscious, but we’re understaffed and underfunded. I’m looking to implement a SIEM, but it would need to be free/open source. Also, I’ll have to bring it up in a test lab in my free time before I can convince them to implement it, so I’m really looking for the most straightforward option with the best documentation/support community. Thanks for your suggestions!

Comments

KStieers

ELK stack (Elasticsearch, Logstash, Kibana) is probably the most commonly suggested one. It’s also what some commercial offerings are based on.

dimx_00

I don’t think there is such a thing as an easy-to-set-up SIEM. You really need to configure and tailor it to your environment. This includes a lot of fine tuning and adjusting. There isn’t one that would work straight out of the box, no matter its cost. A SIEM could be a full-time job in itself.

Splunk is free for 500 MB per day. It has its limits, but if you want to get your feet wet in a lab I would suggest it, to see what it’s all about.
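As an added illustration of the tuning point made above (this is example code added by the editor, not the commenter’s, and it is not tied to Splunk, ELK or any other product): a minimal correlation rule of the kind every SIEM ships, "N failed SSH logins from one source within W seconds", run over constructed sshd log lines. The log lines, host name, IP addresses, the default 5-in-60-seconds threshold and the vulnerability-scanner allowlist are all assumptions made for the example. Running it with the defaults, with a lowered threshold, and with the allowlist shows why the same rule is noisy in one environment and useful in another.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample sshd lines in syslog format (not from any real host).
# 203.0.113.5  : five failures in six seconds, then a successful root login.
# 192.168.10.20: a user mistyping a password twice, then logging in.
# 10.0.5.9     : an assumed internal vulnerability scanner hammering sshd.
SAMPLE_LOGS = """\
Jul  8 10:00:01 lab-host sshd[1201]: Failed password for invalid user admin from 203.0.113.5 port 51234 ssh2
Jul  8 10:00:03 lab-host sshd[1203]: Failed password for root from 203.0.113.5 port 51236 ssh2
Jul  8 10:00:04 lab-host sshd[1205]: Failed password for root from 203.0.113.5 port 51238 ssh2
Jul  8 10:00:06 lab-host sshd[1207]: Failed password for root from 203.0.113.5 port 51240 ssh2
Jul  8 10:00:07 lab-host sshd[1209]: Failed password for root from 203.0.113.5 port 51242 ssh2
Jul  8 10:00:09 lab-host sshd[1211]: Accepted password for root from 203.0.113.5 port 51244 ssh2
Jul  8 10:00:09 lab-host sshd[1211]: pam_unix(sshd:session): session opened for user root by (uid=0)
Jul  8 10:02:00 lab-host sshd[1301]: Failed password for jdoe from 192.168.10.20 port 40001 ssh2
Jul  8 10:02:30 lab-host sshd[1302]: Failed password for jdoe from 192.168.10.20 port 40002 ssh2
Jul  8 10:03:00 lab-host sshd[1303]: Accepted password for jdoe from 192.168.10.20 port 40003 ssh2
Jul  8 10:10:00 lab-host sshd[1401]: Failed password for invalid user test from 10.0.5.9 port 33000 ssh2
Jul  8 10:10:01 lab-host sshd[1402]: Failed password for invalid user guest from 10.0.5.9 port 33001 ssh2
Jul  8 10:10:02 lab-host sshd[1403]: Failed password for invalid user oracle from 10.0.5.9 port 33002 ssh2
Jul  8 10:10:03 lab-host sshd[1404]: Failed password for invalid user pi from 10.0.5.9 port 33003 ssh2
Jul  8 10:10:04 lab-host sshd[1405]: Failed password for invalid user ubuntu from 10.0.5.9 port 33004 ssh2
Jul  8 10:10:05 lab-host sshd[1406]: Failed password for invalid user admin from 10.0.5.9 port 33005 ssh2
"""

# Parser for the two sshd messages the rule cares about; everything else is ignored.
LINE_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d{1,2} \d{2}:\d{2}:\d{2}) \S+ sshd\[\d+\]: "
    r"(?P<result>Failed|Accepted) password for (?:invalid user )?(?P<user>\S+) "
    r"from (?P<src>\S+) port \d+"
)


def parse_auth_line(line, year=2021):
    """Return a normalised event dict, or None for lines the rule does not use.
    Syslog timestamps carry no year, so one is assumed (2021 here)."""
    m = LINE_RE.match(line)
    if not m:
        return None
    ts = datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S")
    return {"ts": ts, "result": m["result"], "user": m["user"], "src": m["src"]}


def detect_bruteforce(events, threshold=5, window=timedelta(seconds=60), allowlist=frozenset()):
    """Alert once per source IP that produces >= threshold failures inside one
    sliding window. Sources on the allowlist (e.g. a known scanner) are skipped,
    which is the kind of environment-specific tuning the comments describe."""
    by_src = defaultdict(list)
    for ev in sorted(events, key=lambda e: e["ts"]):
        by_src[ev["src"]].append(ev)

    alerts = []
    for src, evs in by_src.items():
        if src in allowlist:
            continue
        failures = [e for e in evs if e["result"] == "Failed"]
        for i in range(len(failures)):
            j = i
            while j + 1 < len(failures) and failures[j + 1]["ts"] - failures[i]["ts"] <= window:
                j += 1
            if j - i + 1 >= threshold:
                last = failures[j]["ts"]
                # A success shortly after the burst is the case worth paging on.
                succeeded = any(e["result"] == "Accepted" and last <= e["ts"] <= last + window for e in evs)
                alerts.append({
                    "src": src,
                    "failures": j - i + 1,
                    "users": sorted({e["user"] for e in failures[i:j + 1]}),
                    "succeeded": succeeded,
                })
                break  # one alert per source
    return alerts


def run(threshold=5, window_seconds=60, allowlist=()):
    """Parse SAMPLE_LOGS and evaluate the rule with the given tuning."""
    events = [e for e in (parse_auth_line(l) for l in SAMPLE_LOGS.splitlines()) if e]
    return detect_bruteforce(events, threshold, timedelta(seconds=window_seconds), frozenset(allowlist))


if __name__ == "__main__":
    print("defaults:            ", [(a["src"], a["failures"], a["succeeded"]) for a in run()])
    print("threshold=2 (noisy): ", [(a["src"], a["failures"], a["succeeded"]) for a in run(threshold=2)])
    print("scanner allowlisted: ", [(a["src"], a["failures"], a["succeeded"]) for a in run(allowlist=["10.0.5.9"])])
```

With the defaults the rule fires on both the external attacker and the internal scanner; lowering the threshold to 2 adds the user who mistyped a password, which is the false-positive flood a new SIEM produces; adding the scanner to the allowlist leaves only the alert that matters, the burst from 203.0.113.5 that ended in an accepted root login. None of those numbers are universal, which is why the setup is not finished when the software is installed.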
