How to set up a simple Elastic SIEM lab
Set up a home lab for Elastic Stack SIEM using the Elastic Cloud and a Kali Linux VM. You’ll learn how to generate security events on Kali, set up an agent to send data to Elastic SIEM, and analyze the logs.
Here’s what this project aims to do:
1. Set up a free Elastic account.
2. Configure the Elastic Agent on the Linux VM to collect the logs and forward them to the SIEM.
3. Generate security events on the Kali VM.
4. Query the Elastic SIEM to find the security events.
5. Create a dashboard to visualize the security events.
6. Create alerts for the security events.
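To make steps 4 and 6 concrete before you have a live cluster, here is an added example (not code from the original page, nor from Elastic) that works offline: it models the documents Elastic Agent ships to the SIEM as ECS-style dicts, filters them the way a `field: value` KQL query in the Security app would, and applies a threshold rule of the kind you would build under Detection rules. The ECS field names (`event.category`, `process.name`, `source.ip`, `event.outcome`) are real; the sample events, the host name `kali` and the IP addresses are constructed for the example, and the rule logic is a simplified stand-in for Elastic's threshold rule, not its implementation.

```python
"""Offline stand-in for the lab's 'query the SIEM' and 'create alerts' steps.

Added example, not part of the original page. Documents are ECS-style dicts
like the ones Elastic Agent indexes; sample values below are constructed.
"""
from collections import defaultdict
from datetime import datetime, timedelta
from typing import Any, Dict, List

# Constructed sample events (assumption: shaped like Elastic Agent output).
SAMPLE_EVENTS: List[Dict[str, Any]] = [
    {"@timestamp": "2024-05-01T12:00:00Z", "host": {"name": "kali"},
     "event": {"category": ["process"], "type": ["start"]},
     "process": {"name": "nmap"}, "user": {"name": "kali"}},
    {"@timestamp": "2024-05-01T12:01:00Z", "host": {"name": "kali"},
     "event": {"category": ["authentication"], "outcome": "failure"},
     "source": {"ip": "203.0.113.9"}, "user": {"name": "root"}},
    {"@timestamp": "2024-05-01T12:01:30Z", "host": {"name": "kali"},
     "event": {"category": ["authentication"], "outcome": "failure"},
     "source": {"ip": "203.0.113.9"}, "user": {"name": "root"}},
    {"@timestamp": "2024-05-01T12:02:10Z", "host": {"name": "kali"},
     "event": {"category": ["authentication"], "outcome": "failure"},
     "source": {"ip": "203.0.113.9"}, "user": {"name": "admin"}},
    {"@timestamp": "2024-05-01T12:03:00Z", "host": {"name": "kali"},
     "event": {"category": ["authentication"], "outcome": "failure"},
     "source": {"ip": "198.51.100.4"}, "user": {"name": "kali"}},
    {"@timestamp": "2024-05-01T12:05:00Z", "host": {"name": "kali"},
     "event": {"category": ["authentication"], "outcome": "success"},
     "source": {"ip": "203.0.113.9"}, "user": {"name": "kali"}},
    {"@timestamp": "2024-05-01T12:40:00Z", "host": {"name": "kali"},
     "event": {"category": ["authentication"], "outcome": "failure"},
     "source": {"ip": "203.0.113.9"}, "user": {"name": "root"}},
]


def get_field(doc: Dict[str, Any], path: str) -> Any:
    """Resolve a dotted ECS path such as 'event.category' in a nested document."""
    cur: Any = doc
    for part in path.split("."):
        if not isinstance(cur, dict) or part not in cur:
            return None
        cur = cur[part]
    return cur


def matches(doc: Dict[str, Any], criteria: Dict[str, Any]) -> bool:
    """True when every field:value pair holds. List-valued ECS fields such as
    event.category match when they contain the value, as in KQL."""
    for path, value in criteria.items():
        actual = get_field(doc, path)
        if isinstance(actual, list):
            if value not in actual:
                return False
        elif actual != value:
            return False
    return True


def query(docs: List[Dict[str, Any]], **criteria: Any) -> List[Dict[str, Any]]:
    """Equivalent of typing 'event.category: process and process.name: nmap'."""
    return [d for d in docs if matches(d, criteria)]


def parse_ts(value: str) -> datetime:
    """Parse an ECS @timestamp; the trailing Z is UTC."""
    return datetime.fromisoformat(value.replace("Z", "+00:00"))


def threshold_alert(docs: List[Dict[str, Any]], criteria: Dict[str, Any],
                    group_by: str, threshold: int,
                    window_minutes: int) -> List[Dict[str, Any]]:
    """Threshold rule: one alert per group_by value that accumulates at least
    `threshold` matching events inside a sliding window of window_minutes."""
    hits = sorted(query(docs, **criteria), key=lambda d: d["@timestamp"])
    buckets: Dict[Any, List[datetime]] = defaultdict(list)
    for d in hits:
        buckets[get_field(d, group_by)].append(parse_ts(d["@timestamp"]))
    window = timedelta(minutes=window_minutes)
    alerts = []
    for key, times in buckets.items():
        start = 0
        for end in range(len(times)):
            while times[end] - times[start] > window:  # slide window forward
                start += 1
            if end - start + 1 >= threshold:
                alerts.append({group_by: key, "count": end - start + 1,
                               "first_seen": times[start].isoformat(),
                               "last_seen": times[end].isoformat()})
                break  # one alert per group, like a deduplicated rule
    return alerts


if __name__ == "__main__":
    print(query(SAMPLE_EVENTS, **{"event.category": "process", "process.name": "nmap"}))
    print(threshold_alert(SAMPLE_EVENTS,
                          {"event.category": "authentication", "event.outcome": "failure"},
                          group_by="source.ip", threshold=3, window_minutes=5))
```

With the sample data, the process query returns the single `nmap` start event, and the rule fires once for `203.0.113.9` (three failures within 70 seconds) but not for the lone failure from `198.51.100.4` or the late one at 12:40, which falls outside the 5-minute window. When you move to the real cluster, the same criteria become the KQL in the rule's query and `source.ip` becomes its "group by" field.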