
How I Added SIEM to My Homelab With Wazuh — and What It Found on Day One
I've been running Grafana and Prometheus on my homelab for about a year. CPU usage, RAM, disk, container uptime — the usual infrastructure metrics. I thought that was monitoring. Then I deployed Wazuh and found out I had no idea what was happening on my network.

What Wazuh Is

Wazuh is an open-source SIEM (Security Information and Event Management) and XDR platform. It collects logs and events from agents you deploy on your systems, runs them through detection rules, and alerts you when something looks wrong. It's the same class of tool that security teams use in production environments — and it's free.

The key mental model: Grafana asks "is this working?" Wazuh asks "is this being abused?" You need both questions answered.

The Setup

I'm running a 3-node Proxmox VE 8.x cluster. Wazuh 4.9.2 all-in-one lives in LXC 107 on my main node (nx-core-01). Container specs: 4 vCPU, 8GB RAM, 50GB disk. Wazuh is memory-hungry — don't go below 6GB or the indexer will struggle. The all-in-one install
Continue reading on Dev.to


