Hey all - just wanted to see what any more security-minded folks are using to monitor their home network from a SIEM perspective. There are a few open-source/freemium options out there and I wanted to get opinions on what folks have had extreme success with.
My plan is to build something that will at least monitor my virtual networks within my ESXi instance... for now I was looking at Graylog, Splunk, LogRhythm, AlienVault but again, open to recommendations. I've very briefly tried LogRhythm and AlienVault and so far I couldn't get LogRhythm to enable the interfaces on reboots (had to manually enable at CLI) and then AlienVault OSSIM so far has had database problems after a 100% fresh install (trying again though).
Thanks in advance!