I am studying for my Network+ and my Sec+ hoping to shadow our Cyber Sec guy at work.

I want to set up a SIEM on my home network so I can get used to its operations and how it works by the time I start messing with pentesting stuff. Then I’m going to use it to try and track myself when I pentest myself.

I was looking into Graylog or Security Onion since they seem to have decent documentation (and I can find videos on how to set them up which is nice).

I was recommended building my own ELK stack and doing everything manually for maximum learning potential. I understand why this is a good idea, but I think I’d rather be as close to “baby’s first SIEM” as possible, or at least have a robust how-to guide.

What do you suggest?

  • MTK@lemmy.world (4 upvotes, 7 days ago)

    I suggest skipping the devops part and instead starting with a course. If you go with setting it up, you will probably spend 95% of the time doing devops and not security (which is usually the client of the devops team that maintains the SIEM).

    • nagaram@startrek.website (OP) (1 upvote, 6 days ago)

      Got any recs? I can generally talk my company into paying for most anything education-wise, but Udemy-style courses work with my ADHD the best.

      • MTK@lemmy.world (1 upvote, 6 days ago)

        Nothing that comes to mind, but a simple search for the SIEM you are going to use on YouTube and Pirate Bay should provide some good starters.