Skip to content

owvr27/Mini-siem

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

2 Commits
 
 
 
 

Repository files navigation

SIEM-Py 🔐

SIEM-Py is a simple Python-based SIEM (Security Information and Event Management) script that analyzes system and web server logs to detect suspicious activity.

The project currently processes:

  • Linux authentication logs (auth.log)
  • Apache web server logs (apache.log)

This project is intended for learning, practice, and cybersecurity labs.


📂 Project Files

SIEM-Py/ ├── siem.py # Main SIEM analysis script ├── auth.log # Linux authentication logs ├── apache.log # Apache web server logs └── README.md


🚀 Features

  • Parses Linux auth.log
  • Parses Apache access logs
  • Detects suspicious events (e.g. failed logins, brute-force attempts)
  • Simple and readable Python code
  • Easy to extend with new detection rules

▶️ Usage

Requirements

  • Python 3.x

Run

python siem.py

The script will analyze the logs and print detected security events.
🧠 What It Detects

    Multiple failed SSH login attempts

    Unauthorized login attempts

    Suspicious web requests in Apache logs

    Basic brute-force behavior

🎯 Purpose

    Learn SIEM fundamentals

    Practice log analysis

    Blue Team / SOC training

    Portfolio cybersecurity project

📌 Future Improvements

    Real-time log monitoring

    Alert severity levels

    Output alerts to files

    Support for more log types

    Dashboard or CLI options

📜 License

MIT License
⭐ Notes

This is a basic SIEM implementation and not intended for production use.


About

SIEM-Py is a lightweight Security Information and Event Management (SIEM) system built in Python for collecting, parsing, correlating, and analyzing security logs in real time.

Resources

Stars

0 stars

Watchers

0 watching

Forks

Releases

No releases published

Packages

 
 
 

Contributors

Languages