I'm diving into my first security project on AWS, and I'm on the lookout for a solid SIEM for log analysis. My main criteria are that it needs to work seamlessly with AWS, be free to use, and if possible, offer mapping or visualization features to show IP locations globally. I'm specifically capturing logs from a Windows 10 EC2 instance, focusing on failed login attempts. Any suggestions?
3 Answers
Have you checked out Splunk? They have a free security app that might meet your needs. It allows for 500MB of indexed data per day, which should be helpful for your project!
Wazuh is a great option! It's an open-source security monitoring solution that works well in cloud environments like AWS.
Don't forget about Sumo Logic! They offer some free options that could fit your requirements.